Salted Hash — IT security news

About this Blog:

IT security news analysis, over easy!

This IS NOT 'your order'

If you get email with subject lines such as "Your Order No 129589 – Warner Music Inc." or "Your Order No 489889 – Cell Phone Inc." -- delete them.

It's a scam, warns Phil Hay of the M86 security lab.

In a blog post, he warns that the attached .pdf file is loaded with malicious code:

The attached .pdf contains a bunch of obfuscated JavaScript, which attempts to exploit the Adobe getIcon vulnerability (CVE-2009-0927). If successful, the following payload is downloaded:

hxxp://kawabungashop.ru/flash/1.php

The 1.php file is an executable downloader (VirusTotal Report). Another piece of malware is then downloaded and installed (VirusTotal Report), which is a spambot that proceeds to spam further copies of the .pdf file.


The blog post includes screen shots you'll want to beware of.

--Bill Brenner
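
A mail-gateway triage check for the campaign described above, as an added example that is not from the original post or from M86: it matches the quoted subject-line shape and looks for JavaScript markers in PDF attachments, decoding `#xx` name escapes before comparing. The function names, the marker list and the sample message and PDF bytes are constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject shape quoted in the post: "Your Order No 129589 – Warner Music Inc."
SUBJECT_RE = re.compile(r"^Your Order No \d+\s*[-\u2013]\s*.+\bInc\.?$", re.I)
# PDF name objects that indicate embedded or automatically triggered JavaScript.
JS_NAMES = {b"/JS", b"/JavaScript", b"/OpenAction", b"/AA"}

def pdf_js_names(data: bytes) -> list:
    """Return the JS-related PDF names present, after decoding #xx escapes."""
    found = set()
    for raw in re.findall(rb"/[^\s/<>\[\](){}%]+", data):
        name = re.sub(rb"#([0-9A-Fa-f]{2})",
                      lambda m: bytes([int(m.group(1), 16)]), raw)
        if name in JS_NAMES:
            found.add(name.decode("ascii"))
    return sorted(found)

def triage(raw_message: bytes) -> dict:
    """Flag a message whose subject fits the lure and whose PDF carries JS markers."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    subject = str(msg["Subject"] or "").strip()
    hits = []
    for part in msg.iter_attachments():
        body = part.get_payload(decode=True) or b""
        if body.lstrip().startswith(b"%PDF-"):  # trust magic bytes, not the filename
            hits.extend(pdf_js_names(body))
    subject_match = bool(SUBJECT_RE.match(subject))
    return {"subject_match": subject_match, "pdf_js": sorted(set(hits)),
            "quarantine": subject_match and bool(hits)}

def build_sample(subject: str, pdf: bytes) -> bytes:
    """Build a constructed test message with one PDF attachment."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content("Please see the attached order.")
    msg.add_attachment(pdf, maintype="application", subtype="pdf",
                       filename="order.pdf")
    return msg.as_bytes()

# Constructed samples: no exploit code, only the structural markers.
SAMPLE_PDF_JS = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\n"
                 b"endobj\n2 0 obj\n<< /S /J#61vaScript /J#53 (placeholder) >>\n"
                 b"endobj\n%%EOF\n")
SAMPLE_PDF_CLEAN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog >>\nendobj\n%%EOF\n"
```

Names stored inside compressed object streams are not visible to this byte-level scan, so a clean result here does not clear the attachment.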



