Ravens PHP Scripts

New email attack variant similar to attacks previously launched on the IRS and B
Date: Wednesday, November 21, 2007 @ 00:35:22 PST
Topic: Security: Websense


WebsenseŽ Security Labs(TM) has discovered a new email attack variant similar to attacks previously launched on the IRS and Better Business Bureau. The spoofed email claims to be from the United States Department of Justice (USDOJ). We have been tracking these attacks and have previously reported on them here and here.

The message claims that a complaint to the USDOJ has been filed against the recipient's company. The email informs the reader that a copy of the original complaint has been attached to the email. The attached "complaint" is a Trojan Downloader .scr file with an MD5 of aeb784bc17c4c7e6edc5f1faaa9ed24f.



None of the major anti-virus vendors detected the malicious code.

Websense Security customers are protected from this threat.

Email screenshot included in full alert details.

For additional details and information on how to detect and prevent this type of attack: http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=822






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3151