Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    TrendLabs recently received samples of a Trojan sent as an attachment to spammed mail bearing the subject Sexy Card from Hot Girl. The Trojan, detected by Trend Micro as TROJ_PUSHDO.AR is disguised as an animated e-card with nude photos of a certain Monica T. supposedly sent via Adult Sex Finder. Below is a sample of the said message :


    When the attachment is opened, this Trojan executes and installs itself on the affected system, registering itself as a service to ensure automatic execution. It then connects to the URL http://66.{BLOCKED}.252.215/s_60_3232297080?m… to download a file detected by Trend Micro as TROJ_PANDEX.AR.

    Its social engineering tactic is old news but what’s interesting is its use of the term Adult Sex Finder as the supposed company that put together the provocative e-card. “Adult Sex Finder” bears such close sounding recall to AdultFriendFinder– a Web site that claims to be the “world’s largest adult sex and swingers site”- that one can’t help but wonder if there is some kind of connection there. AdultFriendFinder has been related in malware attacks in the past.

    Whether there is or there isn’t any connection, TROJ_PUSHDO.AR is out there in the wild finding propagation partners: users that are lured by its lurid bait. Don’t be that user. Trend Micro customers are encouraged to update to the latest pattern to be protected from this pesky spam attachment.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice