Tibetan-themed E-mail Scam Thrusts ‘Blended’ Malware
Cyber-criminals are reportedly still troubling Tibetan activists. Security researchers from Trend Micro discovered morphed malicious software in a new e-mail that purportedly carried instructions on using the Input Method for Tibetans who use Apple iOS 4.2 devices. Softpedia.com published this on April 14, 2012.
Claiming to spread Tibetan culture by helping people who want to learn the Tibetan language, the fake e-mail states that 'Digital Tibetan' recently developed the 'Input Method' for Tibetans who wish to operate Apple iOS 4.2 devices successfully. It says the lexicon can be downloaded at no cost and that the prepared suggestions, along with all related files, are attached.
The message then states that users who have any problem using the application, or who have suggestions, may reply with their feedback. Finally, while thanking the user for choosing Digital Tibetan, the e-mail says that this choice has directly helped spread Tibetan culture. The attachment, the e-mail claims, contains instructions for reading the help text before installation, decompressing the .zip archive that holds the configuration files, and loading them for use.
In reality, however, the attachments are RTF files identified as TROJ_ARTIEF.EDX, which exploits the CVE-2010-3333 vulnerability to plant the BKDR_RILER.SV backdoor, itself infected with PE_SALITY.AC, in the computer's temp files. The malicious RTFs also install components that open an enticing .doc file, camouflaging their malicious operations.
These files also avert suspicion among victims by creating a legitimate document that carries instructions on how to operate Apple devices with the Tibetan Input Method.
Thus, the malicious components that take hold of the target PC let their controllers gain unauthorized access to the system.
Threat Response Engineer Roland Dela Paz at Trend Micro stated that, in the current malware scam, the researchers could see the cyber-criminals beginning to make the most of this avenue by using earlier hybrid-malware tactics to install malicious payloads. The process not only enabled the attackers to gain plentifully from hybridization, but also aided them in countering confrontations during future loading of more malware, the expert contended.
» SPAMfighter News - 21-04-2012