Malware Scam, Which Infects Twice, Spotted

A malware scam, which attempts at infecting twice, for truly ensuring that potential victims are compromised, is doing the rounds and which investigators from F-Secure, a security company, have identified.

One instance of the infection occurred with a website that while pretending to be certain "Gmail Attachment Viewer," attempted at getting the visitor to load and execute the software presented.

There's also a pop-up alert that Windows apparently provides as it recognizes the software to be a Microsoft program; however, states that it isn't possible to know the name of the program's author since its digital signature is impossible to verify.

But, incase the end-user decides to execute the program, an invitation from Cisco Foundation confronts him asking him to be present in certain conference, whilst a malevolent file silently gets downloaded and planted behind the scene.

Unexpectedly, a web-link is embedded on the message, which incase clicked, once more attempts at pulling down the identical malicious file.

F-Secure's investigators don't indicate the manner in which it at the very instance got put on the said website, as also what malware form gets really delivered to the end-user; however, indicates that the contamination's source can be found in an iJava Drive-by Producer.

Karmina, security researcher from F-Secure blogs that iJava interestingly, maintains track of the contaminations. F-secure.com published this blog-post on May 8, 2012.

Karmina explained that the iJava Drive-by Producer let the cyber-criminal utilize arbitrary names alternatively articulate his own choice to get both the installed malevolent file from Windows and the Java included file. The researcher also indicated that the useful device as well suggested to the criminal the number of contaminations the served malicious program performed. Help Net Security published this on May 9, 2012.

Worryingly, according to F-Secure, it's because of the above kinds of malicious scams that there's an increase in malware online. In support of this, PandaLabs' Q1-2012 report's data shows that the company detected over 6m distinct malicious programs during the period.

However, Internauts can stay secured from the said kinds of malware scams if they load up-to-date anti-malware software onto personal computers.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 5/19/2012