Adobe Customers Being E-Mailed New Malware
Red Condor the software security company has issued an alert that another piece of malicious software has been unleashed. The malware makes its presence through an e-mail which talks about security flaws within Adobe applications.
The scam allegedly attacks Adobe clients, while it includes bogus messages that have been apparently forwarded. The e-mail starts with a message for security update from a team member of "Adobe Risk Management".
Actually, the e-mail campaign cautions recipients that Adobe software has Denial-of-Service (DOS) vulnerability, therefore organizations using it must make their systems up-to-date with the most recent patch.
However, Red Condor points out the e-mail campaign's most persuasive as well as potentially destructive nature. It says that the structure adopted for the entire campaign is tailor-made and spoofed for each e-mail and recipient.
Additionally, the company reports that the messages contain e-mail addresses and full names of people who are recruited to high posts within the recipient's company. The purpose probably is to lend a touch of legitimacy to them. Also, they have embedded web-links that lead onto a PDF file having the instructions for updating recipients' systems with the patch. However, the file carries an executable too that Red Condor has detected as a Trojan.
Remarking about the sophisticated campaign, President and CEO Dr. Tom Steding of Red Condor stated that it showed the extent to which scammers are going for getting their messages bypass security solutions in order that they might plant malicious software on innocent end-users' PCs. Earthtimes.org published this on May 5, 2010.
Continuing further, Steding said that the e-mail as such was crafted convincingly, while it seemed to have by now infiltrated via series of commands into the mailbox(s) of the victim's organization. He added that in general the campaign was persuasive, which could pose an enormous danger in case the volume of e-mails increased.
Thus for safety, Red Condor is recommending users receiving the scam e-mail that they must delete it instantly. Also, they mustn't follow the embedded web-link since it may result into malware infection on their computers.
Related article: Adobe Rates Acrobat Vulnerabilities “Critical”
» SPAMfighter News - 17-05-2010