Browse archive

Latest news

Fighting cybercrime is on the right track

Google set to upgrade its SSL certs

IT security pros have trouble communicating with executives

Zeus variants are back with a vengeance

Facebook phishers target Fan Pages owners

Killer apps: The performance of networked applications

Is it time to professionalize information security?

Google researcher reveals another Windows 0-day

Twitter finally offers 2-factor authentication

DHS employees' info possibly compromised due to system flaw

Teens are into online sharing, but are also more privacy-aware

The dangers of downloading software from unofficial sites

Microsoft decrypts Skype comms to detect malicious links

Review: Logging and Log Management

Hacking charge stations for electric cars

Malware-laden emails target hedge fund managers

Posted on 15.08.2012

A highly targeted spam campaign aimed at hedge and private equity fund managers has recently been spotted by Barracuda Labs researchers.

The email looks like it has been forwarded a couple of times, and supposedly has a document with details about NSYE carried interest fees attached to it.

Recipients who don't notice that the file in question is an executable and run it are faced with a PDF that actually contains the information:

Unfortunately, the PDF comes bundled with a keylogger, which secretly installs itself on the victim's machine and begins recording keystrokes and sending them to a remote server via FTP.

The researchers have managed to follow the traffic to the server, and to peek inside it. They discovered that all the files containing the keystrokes are neatly deposited in a folder and, according to the number of existing folders, the attackers have managed too compromise at least 20 computers so far.

"Never trust an attachment sent to you in email, even if the source appears reputable," the researchers advise. "In cases like this we suggest you first save the attachment to disk and then send it to the virus scanning service virustotal.com."