MX Labs Spots InDesign CS4 E-mails Delivering Malware

An e-mail scam, which poses as communication from the InDesign CS4 of Adobe lately came to the notice of researchers from MX Labs the security company.

Importantly, the InDesign CS4 software of Adobe works like an application that helps in designing flyers, posters and so on.

Using a spoofed sender's id "Adobe <help-no.146@adobe.com>," the e-mail greets the recipient and tells him that the included attachment contains his Adobe CS4 License key. It tells that the user will be benefited via its fresh and increased abilities based on the given useful tips, eSeminars and tutorials. Eventually, the e-mail concludes by conveying thanks for purchasing the InDesign CS4 application and signs off from Adobe Systems Incorporated, the security company outlines.

The zipped or condensed file attachment apparently is named License_key_N7853.zip, which when unzipped, produces a License_key .exe file that in reality is a malicious program, which Sophos detected as Troj/Bredo-LK.

If this Trojan manages to infect a computer, it makes its duplicate onto the OS' (operating system) startup folder, copying a DirectX element. For ensuring that no one can detect it, the Trojan designs the svchost process that ensures that whenever the PC boots up, the malware achieves its sinister purpose.

So whenever it is run, Troj/Bredo-LK dispatches Hypertext Transfer Protocol (HTTP) queries to one domain that has been just registered in Russia, outlines MX Labs.

Moreover, when the researchers discovered the Trojan, merely a few security vendors spotted it. Indeed, only 7 anti-virus engines from the total 43 of Virus Total could spot it, MX Lab reveals. Accordingly, F-Prot named the Trojan W32/Yakes.F.gen!Eldorado, while Symantec called it Downloader.Chepvil, the security company further discloses.

Thus, for remaining safe from getting victimized with the Trojan, security researchers urge end-users against clicking on unsolicited e-mail attachments, while routinely use AV security software.

In conclusion, according to MX Labs' researchers, it's because of the above kinds of malware scams, which are responsible for an increase in PC Trojans, online. Their statement gets the support of PandaLabs' Q3-2011 i.e. July-September 2011 report that reveals 76% of fresh malicious programs getting identified at the company as malicious Trojans.

Related article: Mac OS X Devoid of Malware, Vexing Experts

» SPAMfighter News - 11/8/2011