New Spam Campaign Spreading VirusSecurity researchers from security firm Sophos are warning of a spam campaign that is tricking users into opening a malware-laden PDF document. The e-mail claims that the user has made many long distance phone calls. The malicious document used in the scam is developed to abuse a vulnerability in Adobe Reader in order to download a computer virus. These fake e-mails come with the subject "phone calls". The content of the e-mail reads like: "Hey man... Remember all those long distance phone calls we made. Well I got my telephone bill and WOW. Please help me and look at the bill see which calls where yours ok...." The malicious file attachment "PhoneCalls.pdf" has been detected as Troj/PDFJs-II by Sophos. It looks to misuse a previously found vulnerability that lies in the way TIFF images are handled by Adobe Reader (CVE-2010-0188, APSB10-07) in a bid drop and run malicious code on the victim's PC. The aforementioned vulnerability facilitates attacker to launch denial of service attack or probably runs an arbitrary code through some unknown vector. This flaw was detected by Microsoft researchers and was fixed in an 'out of band" security update released in February 2010. Richard Cohen, technical head for malware research at SophosLabs Canada, noted that if exploited successfully, the attack will lead to the unauthorized malware downloader installation identified as Troj/SalLoad-B. The purpose of this Trojan is to compromise target computers with Sality virus' version, reported SOFTPEDIA on July 2, 2010. According to the security experts, polymorphic virus Sality attaches its malware to all the executable files on the target system and the network shares. It is regarded as one of the most destructive PC viruses doing rounds currently, as the files infected by it gets corrupted beyond repair. In the past also, the virus had proved to be a major concern for the AV companies and their customers across the world, owing to continued transformations in its polymorphic engine. The Sophos security researcher suggests users to regularly update their Adobe Reader applications to remain safe from the attacks using malicious PDF documents. Users should also employ other security layers, such as a capable antivirus program having proven ability to ward off online threats. Related article: New Zealand Releases Code To Reduce Spam ยป SPAMfighter News - 7/13/2010 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
