New Paypal phish contains fake order and payment details to mislead receiver

At MX Lab we intercept quite often very good phishing emails. This newest PayPal phishing email came to our attention because it contains a false order and payment transaction in order to mislead the intented receiver.
The intented receiver will open such a message and notice that a payment has been done towards, in this case, [...]

September 27, 2009
Categories: Phishing . Tags: , , . Author: mxlab . Comments: Leave a Comment

Social network Hi5 subject to malware campaign

The social network Hi5, a place where you can connect to your fiends, is target of a malware distribution campaign. MX Lab intercepted emails with the subject ”Jessica would like to be your friend on hi5!” with an attachment named Invitation Card.zip that includes the archived file attachment.pdf_[many _spaces]___.exe.
The From address is invitations@hi5.com but this is spoofed. The [...]

September 9, 2009
Categories: Viruses . Tags: , , , . Author: mxlab . Comments: Leave a Comment

Make sure your WordPress installation is up to date

Maybe interesting reading for users who have their own WordPress installation older than version 2.8.4.
“The newly discovered worm is pretty sneaky to say the least. In a nutshell, it crawls the web looking for vulnerable WordPress installations, makes itself an administrator account, takes full control of the website and posts malware and spam to it. [...]

September 9, 2009
Categories: Malware, Various . Tags: , , , , . Author: mxlab . Comments: Leave a Comment

Rogua AV goes green with Green Antivirus 2009

MX Lab reported earlier regarding rogue AV software (AntiVir Plus and Anti Virus for Windows) and today we focus on Green Antivirus 2009. This anti virus software is in fact malware and will infect your computer when installed. Result can vary from infected computers with malware, creation of a zombie computer or even worse, it [...]

September 2, 2009
Categories: Malware, Viruses . Tags: , , , , . Author: mxlab . Comments: 2 Comments

New Bredolab variants are spreading by email

MX Lab intercepts more emails with the trojan Bredolab than usual since August, 27th, 2009. We already reported earlier regarding Bredolab but it seems that we now have multiple type of emails with different content trying to get the payload delivered.
DHL Tracking Number 2491VT2O
This email contains the following body:
Hello!
We failed to deliver your postal package sent [...]

September 1, 2009
Categories: Viruses . Tags: , , , . Author: mxlab . Comments: Leave a Comment