CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
November 27th, 2008

Infecting Christmas E-greetings Are Distributed Via Spam

Websense Security Labs has discovered that malware authors are already using Christmas themes this year as a social engineering tactic, in an effort to gain control over compromised machines. This campaign uses email messages in the form of e-greetings, leading to supposed animated postcards. These actually lead to a Trojan backdoor that has been distributed in previous malicious spam campaigns.

The email messages, spoofed to appear as though they have been sent from postcards.org, display an animated Christmas scene. A URL link within the email leads to a malicious file called postcard.exe hosted on various servers, including those in the .com domain space.

Once executed, the malware creates a backdoor that gives its author access to and control over the resources of the compromised machine. Control is conducted over IRC, communicating with ircserver.*snip*.la. During the install process, an image called xmas.jpg is displayed to the user as a distraction technique.
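A mail-filter heuristic for the lure described above, as an added example that is not from Websense or the original article: it flags messages whose links point to an executable download or to a host unrelated to the claimed sender domain. The sample message, the example.com host and the extension list are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed list of extensions treated as executable downloads.
EXECUTABLE_EXT = (".exe", ".scr", ".pif", ".bat")

# Constructed sample message modelled on the article's description.
SAMPLE = """\
From: "Postcards" <greetings@postcards.org>
Subject: You have received a Christmas e-card
Content-Type: text/html; charset="utf-8"

<html><body><p>Click to view your animated postcard:</p>
<a href="http://files.example.com/cards/postcard.exe">View postcard</a>
</body></html>
"""

class LinkCollector(HTMLParser):
    """Collect href targets of <a> tags in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)

def egreeting_findings(raw_message):
    """Return the reasons a message matches the e-greeting lure pattern."""
    msg = message_from_string(raw_message)
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    collector = LinkCollector()
    for part in msg.walk():  # covers single-part and multipart messages
        if part.get_content_type() == "text/html":
            payload = part.get_payload(decode=True) or b""
            collector.feed(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    findings = []
    for href in collector.hrefs:
        url = urlparse(href)
        host = (url.hostname or "").lower()
        if url.path.lower().endswith(EXECUTABLE_EXT):
            findings.append(f"link downloads executable: {url.path.rsplit('/', 1)[-1]}")
        if host and sender_domain and host != sender_domain and not host.endswith("." + sender_domain):
            findings.append(f"link host {host} does not match sender domain {sender_domain}")
    return findings
```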

Example of malicious email:


    One Response to “Infecting Christmas E-greetings Are Distributed Via Spam”

    1. Redirecting technique is too familiar for spam, I don't like it, cheating!! Simple without tech knowledge!

