Brazilian Tragedy Used in Malware Attack

By: admin in Antivirus

This week, we’ve received some reports related to a new malware attack regarding a tragedy that has early this month: a five-year-old child was thrown out of a window. The police are investigating the tragedy and the latest reports say that all evidences indicate the parents as the ones responsible.

Hackers sent the spammed email message below, where they promise a video with new and exclusive information regarding the case, including findings about who the suspects are.

Figure 1: Email message promising to reveal the responsible parties of the murder

The link in the mail has an obscured address (hxxp://83.x.x.136/terranoticias/index.html) to a fake page from a big and legitimate ISP in Brazil (Terra Networks):

Figure 2: Fake page from a Legitimate Brazilian ISP

After the user clicks the link promising the video, the browser instead tries to download the file verdade.com.

Figure 3: Download dialog box

This file is detected by Trend Micro as TROJ_BANLOAD.EOZ. Users who have Trend Micro protection have been safe from this threat from the beginning, as Web Reputation Services (WRS) proactively recognizes the fake Web site.

ShareThis

21 Apr 2008, 22:20 pm | Comments (0)

Trackback This Post | Subscribe to the comments through RSS Feed

Leave a Reply

You must be logged in to post a comment.


Parse error: syntax error, unexpected $end in /home/youwi3/public_html/antivirus/wp-content/themes/iOrange/footer.php(2) : eval()'d code(1) : eval()'d code on line 1