Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Promises of freebies and other enticing promos are just a few of the tricks cybercriminals use to lure users to their profiteering schemes. TrendLabsSM engineers recently discovered suspicious-looking emails pretending to come from the iTunes Store. The spoofed email tells users they won a gift certificate worth US$50 and encourages recipients to check out the certificate code in the .ZIP file attachment. Opening the attachment, however, did not contain a supposed code but instead malware detected as TROJ_SASFIS.HN.

    Click for larger view

    If executed, TROJ_SASFIS.HN drops the pgsb.lto (aka TROJ_DLOADR.SMVE) onto the system. This Trojan connects to websites to obtain instructions, which may include another URL wherein an updated copy of itself or another malware can be downloaded.

    Unfortunately, this is not the first time the iTunes Store has been used in malicious schemes, as evidenced by the following previous entries:

    Users should refrain from opening dubious email messages and be wary of opening their attachments. Trend Micro™ Smart Protection Network™ protects users from this kind of attack by blocking spam before they even reach their inboxes via the email reputation service. File reputation service, on the other hand, prevents the download of TROJ_SASFIS.HN and TROJ_DLOADR.SMVE onto affected systems.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice