G20 summit related malicious spam campaign   Leave a comment

Spammers are taking advantage of the oddest things. The lately detected spam messages concerning the upcoming G-20 summit in Korea is an example of such a specifically oriented, but very limited spam attack:

According to Trend Micro, the message seems to be coming from the Japanese finance ministry and contains a link to a .zip file that supposedly is a Word document containing comments on “two strategic questions facing the Korean G20 Presidency”.

Unfortunately for the recipients who opened it, the file actually contains a dropper Trojan. When run, it opens a Word document to make the victim believe that the file they downloaded is legitimate, while it drops another Trojan in the background – which modifies the registry in order for the malicious file to be run every time the computer is powered on.



Posted November 16, 2010 by axxerainc in Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: