New Malware Scam Spreading Buzus Generates Spam Mails

Security researchers at Sophos the anti-virus vendor caution Internet-users that one fresh surge of rogue electronic mails are spreading the Buzus computer worm.

Occasionally, the fake messages pretend to be a reply from Google to an application for job and pose as being sent from resume-thanks@google.com.

Typically, the e-mail tells the recipient that Google has just got his CV for which it's thankful as he has shown interest in joining the company. Subsequently, it states that the current e-mail is a confirmation that Google has accepted his application for consideration when there's a vacancy.

Thereafter, it directs the recipient for viewing a given attachment that contains a file apparently providing the application's detail review.

But the file, CV-20100120-112.zip actually is an installer that loads Buzus that disseminates through the spam mails using a Simple Mail Transfer Protocol server, while making its own copies onto detachable USB devices.

Incidentally, in the new spam campaign, the online-crooks aren't merely targeting Google job-seekers. They're attacking Facebook users too, cautions Sophos.

Says Sophos, the fake Facebook e-mail, greeting the recipient, tells him that there's a personal e-mail for him that his friend has sent. However, for reading it, he must open a given attachment. But the attachment, which contains a condensed .zip file, really takes the user onto malware that gets pulled down on his computer.

States the company, in both the above instances, it has identified the .zip files as Troj/ZipMal-AM, while the malware inside them as W32/AutoRun-BHX, a worm, which notably, proliferates via making its copies onto detachable drives for theft of online game credentials.

Warns Senior Technology Consultant Graham Cluley at Sophos, users must always treat attachments in unsolicited e-mails with suspicion as also make sure that they have up-to-date anti-virus software. Since malware campaigns come in disguised forms, Internet-users should realize the importance of staying vigilant, he adds. Nakedsecurity.sophos.com published this on January 24, 2011.

Eventually, similar as Sophos, the U.S-based Better Business Bureau too is cautioning of job-related malicious Internet campaigns, stating that people hunting the Internet for employment are being targeted; hence these scams currently are the greatest malevolent online threat.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 2/3/2011