Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Vipre Report For June Available From GFI

GFI Software : 06 July, 2012  (Technical Article)
Malware report focuses on spamming campaigns involving spam posing as reputable companies to lure victims to malware infected sites
GFI Software has released its VIPRE Report for June 2012, a collection of the 10 most prevalent threat detections encountered last month. In June, GFI threat researchers observed two fresh spam campaigns linking to Blackhole exploits which posed as confirmation emails from Twitter and Amazon. Delta Airlines similarly had their brand misappropriated in a spam campaign meant to infect users with Sirefef and rogue antivirus software. GFI also hosted a free webinar which provided a detailed look at the Flame virus using data gathered from GFI’s own GFI Sandbox technology.

“Cybercriminals are ever focused on infecting as many victims’ machines or stealing as much personal information with as little effort as possible. By disguising the source of their spam as messages from companies or organisations with widespread appeal, they can increase the number of potential victims likely to fall for their scams,” said Christopher Boyd, senior threat researcher at GFI Software.  “Any notices or ‘confirmation emails’ that arrive unexpectedly, no matter how legitimate it may appear, should be thoroughly inspected before the user takes any other action. If something seems out of place, users should trust their instincts and use common sense before clicking anything that could make the situation worse.”

Throughout the month of June, phony emails claiming to be Amazon order confirmations were sent to unsuspecting victims in the hopes of infecting them with malware. Users who clicked any of the links contained in the email were directed to a web page that contained Blackhole exploit code. The exploit scanned the user’s system for Adobe® Reader® and Adobe Flash® before loading a Java applet that redirected the victim to web pages that hosted specially-crafted PDF exploit files depending on the version of Adobe Reader found on the system.

Another fake email posing as a Twitter account confirmation linked victims to a Russian website which housed a Blackhole exploit kit. The site deployed exploits that targeted Adobe Reader and Adobe Flash vulnerabilities which were as old as six years. It’s important to note that both of these attack campaigns could have been avoided had victims kept their software fully patched and up to date.

A bogus spam email was also discovered disguising itself as a Delta Airlines e-ticket. Users who downloaded the attachment were met with an executable file that infected their system with Sirefef and Live Security Platinum, a rogue antivirus program. This fake AV program blocked the running of all other applications and deployed constant pop-ups and browser redirects to messages alerting the user of an infection and requesting payment to clean up the system.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo