Adware, malware, spyware, hijacker discussion and information

[Gain Knowledge]  [Install Prevention]  [Maintain Security]  [Spyware Removal Help]


It is currently Sun Apr 20, 2014 6:20 am

All times are UTC - 7 hours




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: Spam campaign: exploited Excel files
PostPosted: Thu Jun 10, 2010 1:40 am 
Offline
User avatar

Joined: Mon Jul 20, 2009 4:35 am
Posts: 1857
Location: Kent, UK
Quote:
Spam campaign: exploited Excel files

We’ve been seeing an aggressive spam campaign (which we block) carrying malicious Excel (.xls) files, detected as Troj/DocDrop-Q, exploiting the vulnerability classified as CVE-2009-3129.

The Excel file attempts to decrypt, drop and run another executable file, which copies itself to <System>\googletoolbar32.exe and creates a registry entry called “Google Search Engine” to run itself automatically on reboot. We detect this exe as Mal/Koobface-G, and it’s very similar to other executables we’ve seen in spam recently.

Spam is likely to contain the word “treasury” in the sender’s address (which is faked). Examples include:

* “US Department of Treasury” <noreply@usdot.com>
* Elizabeth Boucher <elizabeth.boucher_ce@treasury.govt.nz>
* Chang Avery <c.averysh@treasurytoday.com>


Continues at SophosLabs Blog

_________________
Spam - Uninteresting garbage quickly deleted.
Spammer - A parasitic worm intent on creating internet misery.

Image



IP:
top
Top
 Profile Send private message  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC - 7 hours


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  

Who is online

Who is online In total there are 3 users online :: 0 registered, 0 hidden and 3 guests (based on users active over the past 5 minutes)
Most users ever online was 282 on Tue Sep 25, 2012 11:30 am

Users browsing this forum: No registered users and 3 guests

New posts    No new posts    Forum locked
Powered by phpBB