Fresh Spam Campaign Sends Messages to Defense Contractor
Researchers from Sophos the security company say that one fresh spam outbreak is doing the rounds, hitting Internauts while apparently delivering unsolicited e-mails to the employees of certain defense contractor with a caption "If you want sex pictures!"
A file having the name sexpicture.rar is attached to the electronic mail whilst it carries several nude images of Sakura Shiratori a famous model from Japan.
Seemingly, the images look harmless; however, they're accompanied with 2 other files. One, which looks like a screensaver, is named short-SEXGPJ_1.SCR and happens to be malevolent as Sophos identified it to be Mal/Behav-043. The other is named short-SEX_ST_1.DOC, which Sophos identified as Troj/DocDrop-AF and it abuses the CVE-2012-0158 security flaw for planting more malware on the infected PC.
Remarking about this new spam outbreak, Senior Technology Consultant Graham Cluley at Sophos stated that albeit the junk messages seemed as being sent from Yahoo e-mail of Taiwan, yet the 'From' field showed an address that the spam attacker actually forged. Help Net Security published this in news on August 8, 2012.
Cluley added that he would quite assume that Madam Sakura Shiratori mightn't even know the way her pictures were getting abused.
Worryingly according to Sophos, it's because of the above kinds of malevolent campaigns that there's a rise in malware online. The security company's judgment has received the support of data, which PandaLabs another security company published within its second quarterly (April-June) 2012 report that suggest the creation of over 6m fresh malicious codes during Q2-2012 alone.
Sophos also remarks that like always the current spam campaign too takes advantage of human feelings and responses ranging from lust to fear or curiosity for accomplishing its sinister objective.
Besides, akin to celebrities becoming e-mail spammers' targets, GFI Software's security researchers, during June 2012, discovered certain Tumblr post which promoted one Miley Cyrus featuring adult tape. That campaign actually aimed at getting unwitting Internauts to download certain dubious-appearing video player.
Hence, like every time, Internet-users are advised for exercising utter caution while dealing with uninvited spam mails and not clicking on web-links or viewing file attachments sent through the messages.
Related article: Force 9 and TalkTalk Are the Highest Spam-Delivering ISPs
» SPAMfighter News - 17-08-2012