Bird flu spam spreads WMF trojan downloader

By on

Security experts have warned of a new malicious email that uses social engineering playing on the growing fear of an avian flu epidemic to trick users into visiting a malicious website.

Users receive an email with the subject "Attention Bird Flu in England." The body requests users to click on a link to go either of two websites to get more information. The email also claims the government is trying to hide the facts on the flu.

Upon clicking on a link, users are directed to a website that claims the user been blocked from accessing it.

Within the HTML, an IFRAME is loaded that uses the recent WMF exploit to run code without user-intervention. The code is a trojan horse downloader, which connects to another site to download new malicious code. The filename is "expl1.wmf," which downloads and runs "expl1.exe.", Websense Security Labs warned.

In the past, the same sites have been used for phishing, fraud and distributing malicious code, according to Websense. The sites are hosted in the .WS and .CC domains and were up and running at the end of last week.

Email body:

"Attention !!! Bird flu in England !!!

UK researchers reported to government that the H5N1 influenza virus was founded in some birds in the UK. Also, 35 yo man infected with the H5N1 bird flu virus hospitalized in UK hospital ! government trying to hide the true from people despite real facts. All facts you can read here on our website..............."
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
birddownloaderflusecurityspamspreadstrojanwmf

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

Most Read Articles

Australia scraps digital passenger cards for international arrivals

Australia scraps digital passenger cards for international arrivals
PayTo rollout kicks off

PayTo rollout kicks off
Neobank Volt exits the banking industry

Neobank Volt exits the banking industry
Westpac sets sights on hybrid meeting spaces

Westpac sets sights on hybrid meeting spaces

Digital Nation

Case Study: Multicloud business drivers at MLC Life Insurance
Case Study: Multicloud business drivers at MLC Life Insurance
Case study: AFL kicks goals with its new digital platform
Case study: AFL kicks goals with its new digital platform
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Personalisation strategies need to be built from the ground up
Personalisation strategies need to be built from the ground up
Case Study: EY invests in AI to improve approach to flexible working
Case Study: EY invests in AI to improve approach to flexible working

Log In

  |  Forgot your password?