Laptop Delivery E-mail Drops Trojan, Warns Trend Micro

Maydalene Salvador, Anti-spam Research Engineer on the Content Security Team at Trend Micro, said in a post he made to the blog zastita.com on August 21, 2009 that numerous spam mails carrying a Zip attachment had reached the team that day.

Salvador states in his blog post that the unsolicited spam mail's text begins by thanking the customer (e-mail recipient) for placing an order to purchase a "Sony Vaio" laptop at Internet Store, an online shop and the sender of the e-mail. The message then tells the recipient that his postal parcel's tracking number is provided in an attached document, which the customer must open to know the number.

However, the attachment is not an Office document but a file with an .exe extension, which Trend Micro identified as BKDR_REDOLAB.AL. The backdoor application plants a file named %Windows%\Braviax.exe, which Trend Micro identified as TROJ_RENOS.BAV. The installed file then carries out its malicious routines on the infected computer.

Salvador said that the Renos malware and its variants are recognized as downloaders of fake AV software, which has created problems and confusion for computer users in recent years. Indeed, sophisticated malware distributors, supplying evasive AV programs, have introduced a new trap to redirect computer users to malicious websites that result in the compromise of their systems.

For the past two months, the fake antivirus TROJ_RENOS.BAV has been the malicious payload of Blackhat Search Engine Optimization attacks. It was similar to the malevolent web links that emerged when Internet surfers searched for information about the death of Corazon Aquino, malicious Twitter messages and the recent solar eclipse. Reportedly, the last that Internet surfers saw were destructive attachments, which took users to fake antivirus websites through spam that was captioned "Reconfigure Your Outlook."

Trend Micro recommends that customers who have received the fraudulent e-mail run the latest antivirus program on their computers, and that they repeat the installation of their spam filters if the spam mail has penetrated the already installed filters and reached their inboxes.

» SPAMfighter News - 9/8/2009