New Xerox WorkCentre Pro Infecting Emails DetectedA new series of spam e-mails alleged to be automated messages sent by 'Xerox WorkCentre Pro machines' were circulating a Trojan from the malware family Oficla, as reported by Softpedia on August 20, 2010. The WorkCentre Pro is a popular series of multitasking devices including printing, scanning, copying, and faxing functions produced by Xerox. These devices, which are generally used in large organizations and companies, have the capability to send automated e-mails along with scanned copies of documents. MX Lab (a security firm) seized some emails with subject line as "Scan from a Xerox WorkCentre Pro N 6204257? that includes the recent Oficla Trojan variant. These emails were sent from a spoofed email address and had subject in one of the following categories: "Scan from a Xerox WorkCentre Pro #7943943", "Scan from a Xerox WorkCentre Pro N9700617", and "Scan from a Xerox WorkCentre Pro $6208924". The content of the email asks the readers to open the attachment. It also informs the readers that it was scanned and sent using a Xerox WorkCentre Pro. The email includes a ZIP archive named Tax report.zip along with the 56 kB document named Xerox_doc.exe. In case the users execute the file, a variant of Oficla computer Trojan will be installed on their computers. 10 out of 42 anti-virus programs on VirusTotal detected this sample as malicious on August 19, 2010. Commenting on these attacks, security experts said that it seemed malware distributors had copied the scanner's email template once again and employed it to design infected emails that appeared familiar to many people in office environments. A similar campaign was also detected in July 2010. Though the subject lines were different in previous campaign, the e-mails content remained same. Security experts advised users and said that the practice of exploiting known e-mail templates to scam users was one that had been seen a lot lately. Users are recommended to exercise caution while clicking on links in emails or opening attachments even though they seem to be sent by a reliable source. Related article: New Zealand Releases Code To Reduce Spam » SPAMfighter News - 26-08-2010
Share and tell your friends!
| All SPAMfighter products offer a free trial!
SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.
Optimize your Slow PC for better performance. Try FREE scan now
SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.
Remove Spyware with SPYWAREfighter - Free 30 days trial
Antivirus software for your Windows PC - Free 30 days trial | ||||||||||||||||||||||||||||
| <<< | >>> | ||||||||||||||||||||||||||||
SPAMfighter is
