Fresh Bulk E-mail Campaign Canvasses Demonstration against Putin
Security specialists at Symantec warn that a fresh surge of spam e-mails promoting a rally to bring down Vladimir Putin, the re-elected president of Russia, has been doing the rounds since March 5, 2012.
The subject lines of the junk e-mails vary, for example "Meeting for the equal elections," "Instructions what to do" or "All to demonstration," the security company outlines.
Moreover, the message body consists of a single sentence. It either describes the attachment as containing instructions for the recipient's actions during the anti-Putin rally, or it stresses how important it is for the reader to know exactly what to do at the rally, since the instructions are the same for everyone. Clearly, the wording is meant to exploit the public's curiosity, particularly after the most recent Russian election, so that e-mail recipients can be tricked into opening the malicious attached document.
This attachment, says Symantec, has been detected as Trojan.Dropper; however, when it's opened, users simply see details about a so-called anti-Putin meeting along with a map.
Additionally, if the malicious macros are enabled, they run in the background and trigger an especially nasty Trojan, Symantec's researchers state.
This Trojan deletes files of several types from the victim's computer, namely .exe, .doc, .zip and .xls files.
Talking further about the latest e-mail scam, Security Expert Stephen Doherty at Symantec stated that analysis of the Trojan showed that the malware tried to connect to the IP address 220.127.116.11, which had links to the infamous Trojan.Smoaler. Smoaler recently used the website surero48421.ru as its central command-and-control (C&C) server, and that website was earlier hosted at this particular IP address. Once the Trojan had finished with the files mentioned above, it ran code to crash the PC (blue screen of death) by calling the RtlSetProcessIsCritical API, Doherty explained. Itpro.co.uk published this on March 8, 2012.
To avoid falling victim to this malware-laden bulk e-mail scam, Symantec advises Internet users to remain vigilant about any unsolicited e-mail with attachments that rides on breaking news events, such as Russia's recently declared election results.
» SPAMfighter News - 16-03-2012