MX Lab started to intercept emails with the subject “Conflicker.B Infection Alert”. The trojan is names Win32:Bredolab-CC (Avast), Generic Dropper.lr (McAfee) or Trojan.Win32.Bredolab.Gen.2 (Sunbelt).
The from address is spoofed and can contain “Microsoft Team”. The emails is signed by “Microsoft Windows Computer Safety Division” to make it appears that it is from Microsoft itself.
The email has the [...]
Email regarding Conflicker.B Infection Alert contains a trojan
Spam campaign from Canadian Pharmacy also contains web based threats
MX Lab detected several email based threats in a spam campaign from Canadian Pharmacy masked as an order confirmation of Amazon.
The campaign comes from the spoofed email address Customer Support <***.***@service.amazon.com> and has the possible following subjects (*** numbers will vary):
Confirm #***
Confirmation Order #***
Notice #***
Notify #***
Notification #***
Order Confirmation #***
Order Notice #***
Order Notify #***
Order Notification #***
The [...]
Twitter, Google and Hi5 being abused in Prolaco worm distribution
Twitter, Google and the social networking site Hi5 are being abused in an email campaign to distribute the Prolaco worm. The campaigns have the following characteristics. Note that the email addresses are spoofed.
The malware is known as Worm.Win32.Prolaco.gen (Sunbelt), Worm:Win32/Prolaco.gen!C (Microsoft) and Worm.Win32.Prolaco (Ikarus).
Twitter
From: <invitations@twitter.com>
Subject: Your friend invited you to twitter!
Attachment: Invitation Card.zip (approx 348 kB)
Body [...]
“updated account agreement” email contains Bredolab trojan
MX Lab started to intercept emails with the subject “updated account agreement” that contains the Bredolab trojan. The campaign is designed for Facebook users because of the content. The email comes from the spoofed email address and contains “Facebook Team”.
The body of the email:
Dear Facebook user,
Due to Facebook policy changes, all Facebook users must submit [...]
Bredolab trojan on the move
MX Lab noticed an increase in intercepted Bredolab trojan variants that are spread by email. The Bredolab variants are distributed by different campaigns.
Do you like to find a girlfriend like me ?
One campaign has the subject “Do you like to find a girlfriend like me ?” and targets female singles in a certain way:
Wish to [...]
Win a Macbook Air and get the trojan Obfuscator for free
MX Lab intercepted emails with the subject “Congratulation!!”. The message informs you that you have won an Apple MacBook Air and for more details you will need to open the attached file.
Congratulations!! You have won todays Macbook Air.
Please open attached file and see details.
Seems tempting but by doing so you will in fact unleash the [...]
Email based update for Microsoft Outlook – Outlook Express contains trojan
MX Lab started to intercept messages with the subject “Update for Microsoft Outlook / Outlook Express (KB910721)”. These messages appear to come from the Microsoft Support department and contains instructions to install a new update for Microsoft Outlook / Outlook Express:
Brief Description
Microsoft has released an update for Microsoft Outlook / Outlook Express. This update is critical [...]
