logo

  •   Submit to to del.icio.us   Submit to to digg   submit to to reddit   submit to to StumbleUpon   submit to to Google   Submit to to Yahoo!

Category: blogs | Posted by Avatar Staff 333 days ago
Via: http://www.websensesecuritylabs.com | Tags: department of justice trojan horse comments Discuss  
Websense® Security Labs™ has discovered a new email attack variant similar to attacks previously launched on the IRS and Better Business Bureau. The spoofed email claims to be from the United States Department of Justice (USDOJ). We have been tracking these attacks and have previously reported on them on our site. We first alerted on this attack against the USDOJ here.



The message claims that a complaint to the USDOJ has been filed against the recipient's company. The email informs the reader that a copy of the original complaint has been attached to the email. The attached "complaint" is a Trojan .scr file with an MD5 of 083cdcb8b8cac465dc130348f88ac48d. The .scr drops a file named xp2007.dat in c: which is then silently added as a BHO in IE.



At the time of our discovery, none of the major anti-virus vendors had detected the malicious code.



Websense Security customers are protected from this threat.



Email screenshot:





Infected desktop screenshot:


addto Add this link to... report Bury 


Comments Who Voted Related Links
Copyright 2005-2008 Best of Security