Spam Mail With 'Vaio' Order Distributes Malware

The e-mail that displays a fake order has content, which begins with a thank you note for ordering from their Internet shop. If the payment is made from a credit card, the charge would be from their shop's name. While the e-mail confirms the receipt of the order, it requests not to reply as it is generated from an automated confirmation system.

The e-mail then gives some fake transaction details and carries a PDF (Portable Document File) attachment. It tells that PDF files are constructed via 'Adobe Acrobat Software', which is possible to view using 'Adobe Acrobat Reader' available free of cost for download from Adobe's Website.
The spam mail further reads that it will ship the order from the nearest warehouse to customer that stocks the items of demand (NY, TN, UT and CA). Although all items are ship same day, but it requests for 24 hours of processing time. The mail says that another e-mail with tracking information will arrive soon. It then thanks for the particular transaction and hopes that the customer to enjoy his order.

The false PDF attachment is named by the executable '37679041.exe', which anti-virus vendors detect by different names. Kapersky called it 'Backdoor.Win32.Haxdoor.If.' Symantec named it as 'Backdoor.Haxdoor.R' and others call it a Goldun variant. Says Suzi Turner on 'ZDNet Blogs' that whatever name one gives to it; it is a real nasty malware.

Security vendor Sunbelt rates the threat as 'severe'. He reports that the installation of Haxdoor is typically through exploits. It uses 'rootkit' technology to bypass detection and conceals from the user. Some variants of Haxdoor may steal passwords from banking sites in order to transmit the data to a remote hacker. Haxdoor variants could also show advertising through pop-ups and cause instability and crashing of a system. Haxdoor may lower security levels by disabling firewall and anti-virus programs.

Related article: Spam Scam Bags a Scottish Connection

» SPAMfighter News - 17-10-2006

 

All SPAMfighter products offer a free trial!

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

SLOW-PCfighter

Optimize your Slow PC for better performance. Try FREE scan now

Full disk or slow disk?
Disk space recovery
and disk optimization. Try FULL-DISKfighter free


Spam Filter for Exchange Server

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove spyware

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software

Antivirus software for your Windows PC - Free 30 days trial

<<<  >>> 

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

Intel Software Partner