New Spam Campaign Spreading Virus

Security researchers from security firm Sophos are warning of a spam campaign that is tricking users into opening a malware-laden PDF document. The e-mail claims that the user has made many long distance phone calls. The malicious document used in the scam is developed to abuse a vulnerability in Adobe Reader in order to download a computer virus.

These fake e-mails come with the subject "phone calls". The content of the e-mail reads like: "Hey man... Remember all those long distance phone calls we made. Well I got my telephone bill and WOW. Please help me and look at the bill see which calls where yours ok...."

The malicious file attachment "PhoneCalls.pdf" has been detected as Troj/PDFJs-II by Sophos. It looks to misuse a previously found vulnerability that lies in the way TIFF images are handled by Adobe Reader (CVE-2010-0188, APSB10-07) in a bid drop and run malicious code on the victim's PC.

The aforementioned vulnerability facilitates attacker to launch denial of service attack or probably runs an arbitrary code through some unknown vector. This flaw was detected by Microsoft researchers and was fixed in an 'out of band" security update released in February 2010.

Richard Cohen, technical head for malware research at SophosLabs Canada, noted that if exploited successfully, the attack will lead to the unauthorized malware downloader installation identified as Troj/SalLoad-B. The purpose of this Trojan is to compromise target computers with Sality virus' version, reported SOFTPEDIA on July 2, 2010.

According to the security experts, polymorphic virus Sality attaches its malware to all the executable files on the target system and the network shares. It is regarded as one of the most destructive PC viruses doing rounds currently, as the files infected by it gets corrupted beyond repair.

In the past also, the virus had proved to be a major concern for the AV companies and their customers across the world, owing to continued transformations in its polymorphic engine.

The Sophos security researcher suggests users to regularly update their Adobe Reader applications to remain safe from the attacks using malicious PDF documents. Users should also employ other security layers, such as a capable antivirus program having proven ability to ward off online threats.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 13-07-2010

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial