Aug 27, by Roderick Ordoñez (Technical Communications)
Following this month's Patch Tuesday, which patched 11 vulnerabilities, spam is being sent that falsely claims that the recipient should immediately install another critical Microsoft update.
Advanced Threats Researcher Jamz Yaneza discovered this latest ploy:
Figure 1. Sample email
Patching one's system using this spam as guidance, however, downloads a multitude of badness, and in particular one piece of malware, which is detected as EXPL_ANICMOO.GEN.
Interestingly enough, this exploit has been around for quite some time.
More info on the malicious nature of this ...
Aug 22, by Jake Soriano (Technical Communications)
Remember the UPS spam runs that were popular last month (see previous blog posts here and here)? Spammers have chosen a different courier this time, but the message was basically the same:
Posing as FedEx notifications, these email messages have the same format as their earlier UPS counterparts: tracking number (perhaps to make the message appear authentic), message body informing recipients that there was a problem with the delivery of a package, and a message urging the recipient to print the ...
Aug 21, by Mary Ermitano (Anti-spam Research Engineer)
Malicious spammers are really striking while the iron is hot, so to speak.
Less than a day after spammed messages containing links claiming to point to news related to the recent Russian-Georgian conflict, another spam run bringing malware was found by the Trend Micro Content Security Team.
Below is an example of the latest spam:
Figure 1. Spam sample about journalists being shot in Georgia in relation to the recent Russian-Georgian conflict.
The attached file Georgia.zip is a password-protected .ZIP file. Setting a password ...
Aug 16, by Macky Cruz (Technical Communications)
Trend Micro Advanced Threats Researchers Ivan Macalintal and Paul Ferguson report that Internet spammers have turned to file-sharing scare tactics to entice would-be victims to open a malicious attachment, threatening the unfortunate recipients with interrupted Internet connectivity or legal action.
Here are screenshots of two sample email messages:
Figure 1. A certain "ISP Consorcium" [sic] purports to protect the rights of software authors by monitoring networks.
Figure 2. Media Defender, a company known to protect clients from copyright infringement, was used this ...
Aug 15, by Ryan Flores (Advanced Threats Researcher)
Seems like the bad guys pushing fake antivirus software are not done yet.
We received several reports from the North American region earlier today about users being victimized by rogue antispyware software. Users download this rogue program after they have somehow been convinced to click on malicious links. These links point to malware that causes overt signs (such as popup balloons and modified wallpapers) to appear on the PC, suggesting that the system has indeed been infected. This is not ...