New Spam Campaign Aimed At Match.com Installs Trojan
Match.com, an online dating service with reportedly more than 15 million members from 37 countries, is being used by miscreants to infect users with malware. Websense Security Labs has noticed that this new spam campaign aimed at Match.com is being used to spread a trojan called Papras.
On April 7 2009, Websense received thousands of malicious emails in their email Honey Pot system. The emails claim that someone wants to show the user her pictures and videos, and lures the user into visiting the Web site set up by the attacker. When the user starts the video on the Web site, they are asked to install a streaming video player (a malicious file called ADOBE_PlayerInstallation.exe) which is actually a trojan with relatively low AV detection, according to VirusTotal:
BitDefender 7.2 2009.04.08 Trojan.PWS.Papras.V
eSafe 7.0.17.0 2009.04.07 Suspicious File
F-Secure 8.0.14470.0 2009.04.08 Trojan-PSW:W32/Papras.DS
GData 19 2009.04.08 Trojan.PWS.Papras.V
McAfee+Artemis 5577 2009.04.07 Generic!Artemis
Prevx1 V2 2009.04.08 High Risk System Back Door
Sophos 4.40.0 2009.04.08 Mal/EncPk-HJ
Symantec 1.4.4.12 2009.04.08 Infostealer
VBA32 3.12.10.2 2009.04.08 suspected of Malware-Cryptor.Win32.General.3
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.