New malware attack through email notifications

By Jake Widman
Wednesday, 18 November 2009 00:37

Security

Security experts Sophos Labs reports a widespread Trojan attack being distributed through notifications of deactivated email mailboxes. The malware package is presented as a "mailbox utility."
As described on Sophos senior technology consultant Graham Cluley's blog, the malware comes as an attachment to an email notification with the subject line, "your mailbox has been deactivated."

The message claims that the recipient's mailbox has seen some "unusual activity" and has therefore been deactivated.

The recipient is instructed to "extract and run the attached mailbox utility" to restore access. The attachment is named utility.zip.

The "utility" is in reality the Mal/EncPk-LP Trojan.

The insidious aspect of this attack -- and the factor that may make it more likely the recipient will do as instructed -- is that the message appears to come from the recipient's domain.

"For instance, if your email address was john.smith@example.com the emails would pretend to be from notifications@example.com," warns Cluley.

"We've seen this trick before," he writes. "But the reason why it is still being used is because it works."

Tags:

Please enable JavaScript in your browser to post your comment!

SPONSORED PRESS RELEASES

NetSuite Announces APAC Channel Sales Program
NetSuite Inc. (NYSE: N), a leading vendor of cloud computing business management software suites, today announced the launch of the NetSuite Channel Program, a major new channel program tailored for the Asia Pacific region. The new NetSuite Channel Program will enable solution pr...
Axway cautions on escalating risks and cost of file transfer
Independent Research Shows High Customer Satisfaction for NetSuite
Websense Security Labs Reports ‘User Trust’ Targeted Attacks; Over 1 in 10 ‘Top Search’ Results Categorised as Malware; Increased Focus on Web 2.0
ComOps Scoops Leading Position in SmartCompany Dun and Bradstreet IT Company Growth List
F5 APAC CIO Survey Underscores Need for Proactive Approach to Application Delivery and Cloud Computing
F5 Delivers Next-Generation Application Delivery Services Giving Enterprises More Control with Context-Aware Networking
WatchGuard Enhances Security Software
engin Launches Hosted Phone System for Australian Small Business

Featured IT jobs

Melbourne
Senior Software consultant
Senior Software consultant responsible for providing support on a unique enterprise level software solution for various customers, Melbourne based!
Skills Tags:   IT  ITIL  Linux  Management  RFP  Unix
Sydney
Database Developer - SQL Server 2005
This financial client has an excellent opportunity for an experienced Database Developer. SQL 2005 Some Schema design + SSIS & SSRS - 80k+super
Skills Tags:   Design  Development  SQL  SQL Server
Melbourne
Hyperion Planning Consultant
Massive Hyperion Project requires a Hyperion Planning Architect / Lead Developer - drive home a huge Hyperion solution.
Skills Tags:   Architect  Design  Development  Hyperion
Sydney
OBIEE BI/DW Consultant
OBIEE Consultant to work on a very large greenfield OBIEE implementation to date to work end-to-end with excellent modelling & BI Server skills
Skills Tags:   Business Intelligence  Cognos  Hyperion  Informatica  Oracle  SQL

Editors Picks

Stories you may have missed

How YouTube is killing mobile networks, and what to do about it

Microsoft Surface slips into Australia

Wikileaks is back from the brink
 

What iTWire offers for free

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases