English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

Mabezat Worm Preys on Job Seekers

As per the security researchers, the last week of February 2010 has witnessed an increase in spam e-mails containing cautiously packed files infected with computer worm "Win32.Worm.Mabezat.J". Taking benefit of the unstable state of the world economy, cybercriminals are masquerading malware as genuine job offers.

It appears as if the worm is a variant of an earlier edition; however, it makes use of some smart words to convince recipients to visit the infected Webpage served to them.

The spam mails carry different job-related mail subjects, like 'We are hiring you', 'Web designer vacancy', 'New work for you', or 'Welcome to your new work'. According to reports, the e-mail has an allegedly safe attachment "winmail.dat" that is billed as being a Word RTF (Rich Text Format) file.

Most of the knowledgeable users run the file through Winrar or Winzip, which decodes the DAT file into its end format but most importantly, the strange nature of the DAT file indicates that most of the on-network IT security technologies fail to notice the malicious payload.

On extraction, the archive shows up what seems to be a MS-Word document called Reademe.doc. However, on close examination, it appears to be an executable file infected with Win32.Worm.Mabezat.J.

What is most important about this worm is the fact that it can hit executable files by substituting the first 1768 bytes of the malicious executable file with the encrypted body of its own. The worm begins its infection campaign by infecting the main executable of the Windows Media Player along with some binaries in Outlook Express.

The security experts opined that the Mabezat family is very harmful. Along with infecting binary files and system files, they also gather mail addresses from different file formats that it finds on the infected machine. After the compilation of the e-mail list, the worm starts mass-mailing itself by using its own SMTP engine.

A senior researcher with BitDefender, Alexanderu Catalin Cosoi, said that for the ultimate protection of their PCs, users should install a complete anti-malware suite, including anti-spam, anti-virus, anti-phishing and firewall protection, as per the news published by infosecurity.com on March 3, 2010.

» SPAMfighter News - 10-03-2010

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>