Cybercrooks Promoting Two New Malware Campaigns
According to the security experts at the security firm, Sophos, cybercriminals are presently spamvertising 2 distinct malware campaigns, thereby attracting end users into downloading and installing malware ridden file attachments.
The first campaign of this is a variant of "Facebook Your Password Changed" scam that took place during the second week of April. The fake e-mails come with the subject line of: 'Spam is sent from your Facebook account'.
The spam e-mail informs users that, the spam is dispatched from their Facebook account and their password has been modified for the purpose of protection. The message further states that, information associated with their account and a new password is linked to the letter. Users should read this information carefully and modify the password to a more complex one. The e-mail ends with a message that users should not respond to the e-mail as it is an automatic mail notification.
According to Sophos, Malware linked to the attachment is identified as Mal/BredoZp-B.
The second campaign is depending on a strange pictures notification which notifies users and states that, he (sender) has tried to send users some pictures, but the users doesn't seemed to be interested, so this time he is dispatching the pictures in the attachment.
This attachment is a zip file, which is encrypted (apparently to evade anti-virus products operating at the e-mail gateway) with the password mentioned in the text of the e-mail. The ZIP encloses an executable file, DSC0173519.exe, which Sophos identifies as Mal/Behav-043.
Commenting on the matter, Graham Cluley, Senior Technology Consultant at Sophos cautions netizens that, if users are not safe and make the blunder of installing the program, then will leave one more file onto their hard drive on the system, which Sophos identifies as Troj/Agent-REX spyware Trojan horse, as reported by Naked Security on April 19, 2011.
Cluley further added that, the Windows system is further compromised with malware and a distant or isolated hacker could personal and financial steal information from the system, mainly as the netizens were scammed by a stranger, who had dispatched them their digital pictures.
Conclusively, security experts at Sophos stated that, netizens or users are suggested to avoid downloading and running with malware ridden file attachments or hyperlinks found in spam e-mails.
Related article: Cheburgen.a: A New Email Worm
» SPAMfighter News - 27-04-2011