F-Secure email faked, includes trojan

By

Thousands of F-Secure users received a bogus email today that claims to be from an employee of the anti-virus vendor but instead contains a trojan.

The spam tells recipients there is something wrong with their website and asks them to click on a .zip link for a picture of the problem. Instead, the link triggers a new variant of the Breplibot worm, known as W32/Breplibot.ae.


"These emails were not sent from F-Secure's network, they were just spoofed to look like they were coming from an F-Secure address," the company said. "F-Secure has taken measures to inform network users about the attack, which has obviously been done to make F-Secure look bad."

The addresses used in the attacks include press@f-secure.com, info@f-secure.com and editor@f-secure.com.

The email reads: "Hello, I noticed whilst browsing your site that there were problems with some of your links, when I tried again with Internet Explorer the problems were not there so I assume that they were caused by me using the Mozilla browser. As more people are turning to alternative browsers now it may be of help for you to know this. I have enclosed a screen capture of the problem so your team can get it fixed if you deem it an issue. Kind regards, David Adams, Dept. Research, F-Secure Development."

F-Secure did not say how many users, if any, fell for the phishing scheme. The company also did not describe the trojan's payload.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?