Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us

    Showing no signs of slowing down, the spammers who were sending the CNN-themed emails have changed the look of their messages to this:

    The Full Story link, says Advanced Threat Researcer Joey Costoya, directs users to one of those cnnplus.html URLs. Again it asks users to download and install an ActiveX Object. As seen in the previous attack, users are led to the file adobe_flash.exe, not a legitimate Adobe file but something malicious of course.

    Besides improving the look of the email message, Costoya says that another innovation by the authors behind this run is that the HTML page now starts to use obfuscated JavaScript, which was not seen in previously.

    The file adobe_flash.exe, is detected by Trend Micro as TROJ_NUWAR.GFZ.

    We are still investigating the routines of the malware involved here and we will update as soon as more information becomes available. Users meanwhile are advised to refrain from clicking links in spammed messages, and to download files only from Web sites of software vendors.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice