03
Feb
Your guilty conscience could get you pwned
Article from Rik Ferguson
Filed under: Underground Economy,malware,spam | RSS 2.0 | TB | Tags: , , , , , , , | 1 Comment

I just received an email from some guy called Willie Hickey. Aside form having an extremely amusing name, Mr. Hickey was offering me some very urgent advice:

 

Mail from Willie Hickey

Mail from Willie Hickey


 
 The message reads

“Hey, some jerk has posted your pictures (u understand what kind of pictures are there) and sent a link of them to all ur friends. I have already replied back. Said, that he is an idiot. See the link:”.

 
This little piece of social engineering is obviously designed to arouse fear and doubt in the recipient; “Oh no, not those photos, the zookeeper promised he would destroy the negatives.
 

Don’t be tempted though to click the link. There are no photos, there is no Willie Hickey.

 

The link leads to a malicious JavaScript which redirects the browser to a Russian IP address where multiple PDF exploits and an ActiveX exploit are used to push out a variant of the ZeuS crimeware. The sample itself has very low detection rates with only 9 out of 40 detections on VirusTotal

 

If you’re already a Trend Micro user you would be protected from this as the malicious website is already blocked by the Smart Protection Network and the malware detected. If you have received a similar mail and clicked the link and are worried you may be affected, run a free clean up with HouseCall.

Bookmark
| More
This entry was posted on Wednesday, 3. February 2010 and is filed under "Underground Economy, malware, spam". You can follow any responses to this entry with RSS 2.0. You can leave a response here, or send a trackback from your own site.

1 Comment to "Your guilty conscience could get you pwned"


Name:

E-Mail (not published)

Website:


Spam protection


© Copyright 2010 Trend Micro Inc. All rights reserved.
Legal Notice | Disclaimer