Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Showing no signs of slowing down, the spammers who were sending the CNN-themed emails have changed the look of their messages to this:

    The Full Story link, says Advanced Threat Researcer Joey Costoya, directs users to one of those cnnplus.html URLs. Again it asks users to download and install an ActiveX Object. As seen in the previous attack, users are led to the file adobe_flash.exe, not a legitimate Adobe file but something malicious of course.

    Besides improving the look of the email message, Costoya says that another innovation by the authors behind this run is that the HTML page now starts to use obfuscated JavaScript, which was not seen in previously.

    The file adobe_flash.exe, is detected by Trend Micro as TROJ_NUWAR.GFZ.

    We are still investigating the routines of the malware involved here and we will update as soon as more information becomes available. Users meanwhile are advised to refrain from clicking links in spammed messages, and to download files only from Web sites of software vendors.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice