Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Supporters of Tibetan Cause Targeted with Spam Mails

Organizations and activists supporting Tibet's cause presently appear as a highly targeted group so far as malicious attachment-included e-mails are concerned wherein the e-mail distributors continuously frame fresh and varied campaigns designed to contaminate target PCs, reports Help New Security dated April 16, 2012.

Recently, Alex Lanstein, security researcher at FireEye spotted one intriguing instance of such an electronic mail when he was doing an ongoing supervision of the mentioned 'spam' schemes.

Having found an interest in assessing the unsolicited e-mails and wanting to make public his discoveries, Lanstein dispatched one electronic message to numerous people aggressively getting targeted possible because he got their e-mail ids from Virus Total. The message asked the recipients whether they'd let themselves be talked about within a blog post as recipients of the spam mails.

Lanstein wrote in the e-mail that he wished for posting an entry on his company website regarding some attacks as well as cite the reader by name. According to him, he was already aware of the spam attack targeting the reader still he wanted the person's permission since no IT expert would have included the malicious attachment, and certainly not the reader himself. Softpedia.com published this on April 16, 2012.

But the fact is that Lanstein's e-mail id had been spoofed, the actual id of the e-mail writer being of some other spam source.

Besides, included in the e-mail is a Portable Document Format (PDF) file as an attachment, which conceals malware that Trend Micro detected as TROJ_PIDIEF.KFR. This file has been made password-protected so no anti-virus software maybe able to detect it.

When successfully on a PC, Trojan Pidief abuses familiar security flaws for planting a JavaScript, which pulls down the BKDR_INJECT.KFR backdoor.

Typically, this backdoor links up with a China-situated command and control server for dispatching information like passwords, IM addresses, files and drives lists, or other sensitive details.

Importantly, there's an ongoing analysis of the Trojan responsible for triggering the spam attacks, based on which security specialists in general advise that users should particularly shun viewing suspicious attachments despite them appearing as arriving from any authentic source.

Related article: Spreadsheets Cracking Through Due to Inadequate Security Scrutiny

ยป SPAMfighter News - 4/23/2012

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page