HNS MAIN FEED
Tuesday, 17:37 EST
- OpenDNSSEC 1.0.0 released
- Microsoft releases giant patch collection
- 81% percent of e-mail links to malware
- Unaware of the dangers, most teens share personal info online
- Data harvested from Facebook used in boiler room scams
- A closer look at USB Secure 1.3.0
- Safety tips for online dating
- Researcher hacks security encryption chip found on millions of PCs
- Is authenticated XSS a problem?
- Online shopping safety: Consumers hold retailers responsible
- Seagate ships the Savvio 10K.4 hard drive
- Political hacktivism and the exploitation of tragedies is on the rise
Zipped Trojan in email attachment leads to further infection
Posted on 26.10.2009
Here is the proof you should never open attachments from anyone you don't know or don't trust: TrendLabs discovered spam emails professing to be from LSM Company, regarding a "Contract of Settlements", that hold a .zip attachment with a Trojan.
The attachment is supposedly the contract in question, but you can't see that it holds an .exe file because you are unable to scan it - it is protected by a password. To create an illusion of legitimacy, you are given the password in the email.
Not satisfied with infecting your computer with the Trojan (TROJ_FAKEALE.JH) in the attachment, after executing it you get connected to a website where you contract another: TROJ_FAKEAV.BQN.
The attachment is supposedly the contract in question, but you can't see that it holds an .exe file because you are unable to scan it - it is protected by a password. To create an illusion of legitimacy, you are given the password in the email.
Not satisfied with infecting your computer with the Trojan (TROJ_FAKEALE.JH) in the attachment, after executing it you get connected to a website where you contract another: TROJ_FAKEAV.BQN.
- Rogue software details: AntiSpyware
- Rogue software details: GuardWWW
- Top 10 malware threats for January
- Google applicants targeted by phony job application response
- Facebook tops the list of risky social networking sites
