Virus writers launch large scale encrypted attachment strategy to evade capture
Posted on 30.04.2007
Virus writers are attempting to evade the capture of their malicious code by sending it either as an encrypted email or within a password-protected zip file attachment, according to email management specialist Email Systems.
 
Whilst this strategy has appeared previously in different guises, with encrypted zip attachments first becoming a major issue six months ago, the situation has worsened considerably in recent weeks with a significant increase in the number of such mails being propagated.
 
The new batch of virus-laden emails typically contains the Trojan.Peacomm virus (also known as the Storm Trojan), which is approximately 77kb in size and is usually contained within either an encrypted email or a password-protected zip attachment to an email.
 
The emails frequently contain a security warning, offering to protect the user from a threat. The phrase ‘ATTN!’ is frequently prominent in the subject line of such emails, although others include ‘Worm Detected!’, ‘Virus Detected!’, ‘Spyware Alert!’ and ‘Warning!’. On receipt of the email, users are given the password and are thereby unwittingly able to release the virus on their machine. On execution of the file, the Storm Trojan virus is designed to retrieve additional malicious code from the internet.
 
During the last few weeks, Email Systems has quarantined hundreds of thousands of such emails – a major increase from the tens of thousands witnessed in the most recent attack six months ago.
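The pattern described above can be triaged at a mail gateway without knowing the password. The following is an added example, not code from Email Systems or from the original article: it checks attachments for ZIP members marked as encrypted and combines that with the subject phrases quoted above. The function names, the "password in body" heuristic, the quarantine policy and the sample message are assumptions made for illustration; encrypted emails, the other delivery form mentioned, are not covered.

```python
import io, re, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject-line phrases quoted in the article.
LURES = re.compile(r"ATTN!|Worm Detected!|Virus Detected!|Spyware Alert!|Warning!", re.I)

def encrypted_members(data: bytes) -> list:
    """Names of ZIP members with general-purpose flag bit 0 (encrypted) set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [i.filename for i in zf.infolist() if i.flag_bits & 0x1]
    except zipfile.BadZipFile:  # not a ZIP, or too damaged to list
        return []

def triage(raw: bytes) -> dict:
    """Flag mail carrying an archive that a content scanner cannot open."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    locked = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        locked += encrypted_members(payload)  # sniff content, ignore the file name
    hits = {
        "subject_lure": bool(LURES.search(str(msg["Subject"] or ""))),
        "password_in_body": bool(re.search(r"password", text, re.I)),  # assumed heuristic
        "encrypted_members": locked,
    }
    # Assumed policy: unscannable archive plus either social-engineering signal.
    risky = locked and (hits["subject_lure"] or hits["password_in_body"])
    hits["verdict"] = "quarantine" if risky else "deliver"
    return hits

def constructed_sample(encrypted: bool = True) -> bytes:
    """Constructed test mail; the archive holds harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("patch.exe", b"placeholder, not malware")
    z = bytearray(buf.getvalue())
    if encrypted:  # set flag bit 0 in local header (+6) and central directory (+8)
        z[6] |= 1
        z[z.find(b"PK\x01\x02") + 8] |= 1
    m = EmailMessage()
    m["Subject"] = "ATTN! Worm Detected!"
    m.set_content("Open the attached patch. The password is 12345.")
    m.add_attachment(bytes(z), maintype="application", subtype="zip", filename="patch.zip")
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(constructed_sample()))
```
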





Copyright 1998-2014 by Help Net Security.