Trojan is Hided in Independence Day E-CardAccording to the news by Vnunet.com on July 4, 2007, the security experts have cautioned the users about a malware being spread by spam and duping as a 4 July greeting card. Sophos said that the mail, which is arriving in the inboxes across the world, claims that the user has received a greeting card from a friend and commands it to click on the link in order to view it. Senior technology consultant at Sophos, Graham Cluley, said that the hackers have no problems in taking the advantage of celebrations like 4 July to exploit the system of others and to leak out data from it, as per news by Vnunet.com on July 4, 2007. The common subject lines used in the harmful spam campaign are Independence Day celebration, America the beautiful, July 4th Fireworks Show, Happy fourth of July, etc. The ISC too warned about the patterns that were appearing. As the security authorities began to filter the mail subjects and link hashes, the attackers left no stone unturned in making adjustments in the subject and link to avoid detection. The ISC alerted on 28th June 2007 about the occurrence of harmful mails. If you think it is gone, it will again come up with another lot of malicious links, as per the news by tech.monsterandcritics.com on July 2, 2007. The spam emails provides two alternatives for attacking. The first one is to click an IP-based link that will bring forth the card. If the JavaScript is already installed on the system, then tm.exe and logi.exe can be loaded in the PC. But if JavaScript is not present, then they simply ask to download exploit. As the user clicks on the link (which is in the form of a numeric IP address), the respective server is taken to an exploited zombie computer, which also hosts the JSecard-A Trojan. Further, this malware tries to install more code from the net, which the Sophos termed as Malf/Dorf-C. Cluley said that instead of visiting the website of a real e-card, after clicking the link, it will lead to other's exploited PC, which is hosting deadly code created to exploit Windows PC, according to Vnunet.com on July 4, 2007. Related article: Trojans to Target VoIP in 2006 ยป SPAMfighter News - 7/16/2007 |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!