Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    The upcoming summit of the G-20 major economies in Korea has been used in limited spam attacks. Trend Micro received the following spam sample:

    Click for larger view

    The spam supposedly came from the Japanese finance ministry and contains comments on several issues related to the upcoming summit. Tellingly, however, the link to the said comments does not even claim to have a URL related to an official website. The link actually goes to a .ZIP file detected by Trend Micro as TROJ_DROPPER.WTH. When run, it opens a Word document in order to trick users into thinking that nothing malicious happened. In reality, however, it drops a malicious file detected as TROJ_AGENT.JAAK. The registry has also been modified so that the malicious file is run at every startup.

    Further analysis of this threat is ongoing though Trend Micro users are already protected. The spam, the malicious URL, as well as the malicious files are all detected and blocked by Trend Micro products via the Smart Protection Network™.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice