Virus writers launch large-scale encrypted attachment strategy to evade capture
Posted on 30.04.2007
Virus writers are attempting to evade the capture of their malicious code by sending it either as an encrypted email or within a password-protected zip file attachment, according to email management specialist Email Systems.
 
Whilst this strategy has appeared previously in different guises, with encrypted zip attachments first becoming a major issue six months ago, the situation has worsened considerably in recent weeks with a significant increase in the number of such mails being propagated.
 
The new batch of virus-laden emails typically contains the Trojan.Peacomm virus (also known as the Storm Trojan), which is approximately 77kb in size and usually contained within either an encrypted email or a password-protected zip attachment to an email.
 
The emails frequently contain a security warning, offering to protect the user from a threat. The phrase ATTN! is frequently prominent within the subject line of such emails – although others include ‘Worm Detected!’, ‘Virus Detected!’, ‘Spyware Alert!’ and ‘Warning!’. On receipt of the email, users are given the password and are thereby able to unwittingly release the virus on their machine. On execution of the file, the Storm Trojan virus is designed to retrieve additional malicious code from the internet.
 
During the last few weeks, Email Systems has quarantined hundreds of thousands of such emails – a major increase from the tens of thousands witnessed in the most recent attack six months ago.
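
A gateway cannot scan the contents of a password-protected zip, but it can still see that the archive is encrypted. The following added example (not code from Email Systems or from the original article) flags messages that carry an encrypted zip member together with one of the subject phrases quoted above; the function names, the quarantine rule, the plain-text password check and the sample message are assumptions constructed for illustration, and encrypted emails are not covered.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject phrases quoted in the article, lower-cased for matching.
SUBJECT_MARKERS = ("attn!", "worm detected!", "virus detected!", "spyware alert!", "warning!")

def encrypted_members(zip_bytes):
    """Names of ZIP members whose general-purpose flag bit 0 (encrypted) is set."""
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
            return [zi.filename for zi in zf.infolist() if zi.flag_bits & 0x1]
    except zipfile.BadZipFile:
        return []

def triage(raw_message):
    """Inspect one RFC 5322 message (bytes) and return the findings as a dict."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    subject = (msg["Subject"] or "").lower()
    hits = [m for m in SUBJECT_MARKERS if m in subject]
    locked = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if data.startswith(b"PK\x03\x04"):  # ZIP magic bytes; the file extension is not trusted
            locked += encrypted_members(data)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body else ""
    # Assumption: the password is handed to the user in the plain-text body.
    told_password = "password" in text
    return {"subject_markers": hits, "encrypted_members": locked,
            "password_in_body": told_password,
            "quarantine": bool(locked) and (bool(hits) or told_password)}

def build_sample(encrypted):
    """Constructed test message; the encrypted bit is set by patching the central directory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(zipfile.ZipInfo("patch.exe"), b"constructed placeholder, not malware")
    raw = bytearray(buf.getvalue())
    if encrypted:
        raw[raw.index(b"PK\x01\x02") + 8] |= 0x01  # flag field of the central header
    msg = EmailMessage()
    msg["Subject"] = "ATTN! Worm Detected!"
    msg.set_content("Open the attached patch. Password: 12345")
    msg.add_attachment(bytes(raw), maintype="application", subtype="zip", filename="patch.zip")
    return msg.as_bytes()
```

Calling `triage(build_sample(True))` marks the message for quarantine, while the same message with an unencrypted archive is passed on for normal content scanning.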