    Malware criminals seem to never run out of tricks.

    This time they seem to have spun off sensational (but fake) news about the current Iraqi conflict. Advanced Threats Researcher Paul Ferguson recently encountered the following spam mail:


    Figure 1. Spam purporting to carry news about the latest Al Qaeda offensive.

    The spam goes on to discuss past diversionary (and equally terroristic) attacks allegedly linked to Osama Bin Laden and Al Qaeda, perhaps to raise emotions to the point where users throw all caution to the wind. After enumerating these terrorist activities, the spam repeats the link it introduced in the first paragraph, enticing readers with an interview appearance by Osama Bin Laden. Users are cautioned not to let their curiosity get the best of them.

    A lack of user discretion has an ugly price: the link leads to an executable file named news_usama_video.exe. The file is not a video; it is TROJ_AGENT.AKNH, a variant of a Trojan family known for playing support roles for other malware in larger, multi-component attacks against users.

    The URL link and the executable are both blocked and detected, respectively, by Trend Micro Smart Protection Network. Trend Micro customers, especially those with a keen interest in current affairs and the tension in the Middle East, are safe from this attack.

    Other users should always keep a clear head when dealing with unsolicited email, regardless of content. Embedded URLs have always been an easy way for malware criminals to victimize PCs. It is best to set email applications to render all links in messages inactive and, in general, to treat all unsolicited email as suspect.
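The advice above, rendering links inactive and treating a "video" link that points to an executable as hostile, can be automated at the mail gateway. The following is an added example, not Trend Micro code: the host `example.test`, the sample message, and the extension list are constructed assumptions; only the file name comes from this post.

```python
import re
from email import message_from_string
from email.policy import default
from urllib.parse import urlsplit, unquote

# Extensions Windows will run directly (assumed, non-exhaustive list).
EXECUTABLE_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def extract_urls(msg):
    """Collect URLs from every text/plain and text/html part of the message."""
    urls = []
    for part in msg.walk():
        if part.get_content_type() in ("text/plain", "text/html"):
            urls.extend(URL_RE.findall(part.get_content()))
    return list(dict.fromkeys(urls))  # de-duplicate while keeping order

def links_to_executable(url):
    """True when the URL path (not the host) ends in an executable extension."""
    path = unquote(urlsplit(url).path).lower().rstrip(". ")
    dot = path.rfind(".")
    return dot != -1 and path[dot:] in EXECUTABLE_EXT

def defang(url):
    """Make a URL non-clickable for display in a mail client or report."""
    return re.sub(r"^http", "hxxp", url, flags=re.IGNORECASE).replace(".", "[.]")

def triage(raw_message):
    """Return (defanged_url, is_executable_link) for each link in the message."""
    msg = message_from_string(raw_message, policy=default)
    return [(defang(u), links_to_executable(u)) for u in extract_urls(msg)]

# Constructed sample message; example.test is a placeholder, not the real host.
SAMPLE = """\
From: news@example.test
To: user@example.test
Subject: Breaking news video
Content-Type: text/html; charset="utf-8"

<html><body><p>Watch the interview:
<a href="http://example.test/media/news_usama_video.exe">video</a></p>
<p>Source: http://example.test/about.html</p></body></html>
"""

if __name__ == "__main__":
    for url, flagged in triage(SAMPLE):
        print(("BLOCK " if flagged else "ok    ") + url)
```

The extension check looks only at the URL path, so a host under `.com` is not flagged by mistake.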

    This is not the first time sensational (and bogus) content in connection to spam and malware infection has been used to attract victims:






    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice