Monday, April 09, 2007

Fake e-mail claiming U.S. has attacked Iran contains Trojan

If you receive a e-mail that Iran has been toasted by a U.S. strike, be careful of clicking on the attachment. Doing so, might toast your computer system.

John McDonald posted this information on the Symantec blog:

Over the weekend Security Response received samples of the latest variants of Trojan.Peacomm and W32.Mixor doing the rounds. The social engineering trick employed this time is in appealing to people's sense of fear as well as natural curiosity of a possible Middle East war involving the United States, Iran and Israel.

Subjects include "USA Just Have Started World War III" / "Missle Strike: The USA kills more then 20000 Iranian citizens" / "Israel Just Have Started World War III" / "USA Missile Strike: Iran War just have started". From the sample emails that we have seen to date, the actual email body is blank, and the attached files have various names such as "video.exe", "movie.exe", "click here.exe", "clickme.exe", "readme.exe" and "read more.exe".
More on this on the Symantec blog, here.

An unprotected computer might be turned into a zombie, which becomes part of a botnet (used to harass the rest of us with lots of more spam) if one of these attachments is clicked on.

Spam is often used to facilitate financial crimes, such as identity theft.

It pays be to EXTREMELY careful before clicking on any (unknown) attachments received via e-mail.

No comments: