    UFOs and alien invasion stories are historical favorites, and they tend to be crowd-pleasers in a weird sort of way.

    They were big in the 50s and 60s, but even today, a recent pop culture phenomenon like Indiana Jones relies not so much on present doomsday hype as on nostalgia.

    But check out this recent malicious spam sample:

    It would appear that news such as this still appeals to the imagination of some people.

    The video evidence (fake, of course) can lead victims who click the link to the following malicious URLs:

    • hxxp:// www.{BLOCKED}
    • hxxp:// {BLOCKED}.167.49/vid_1.avi.exe

    Trend Micro detects the file VID_1.AVI.EXE as TROJ_DLOAD.XY. Other than the spammers’ poor English, analysis of the original email message showed that it was sent from a specific location in Russia.

    Advanced Threats Researcher Paul Ferguson further says that he sees “a renewed Russian/Ukrainian cyber criminal push occurring right now…with [the same] social engineering [and] malware campaigns, but most importantly: direct-delivery mechanisms for malware execution via .PHP.”

    Trend Micro users are already protected from this particular malicious spam run.

    We are still analyzing this case and we will update this post as soon as more information becomes available.
