BANGALORE, INDIA: Websense Security Labs ThreatSeeker Network has detected a spam posing acting as a Twitter Password Reset Notification. More than 55,000 instances of this malicious spam email have been observed so far.
The spam contains a link to a compromised Web site that, when clicked or pasted into the browser, prompts the user to download a malicious executable named password.exe. The executable turns out to be a rogue AV called Protection Center Safebrowser. What distinguishes this rogue AV from the others is that it actually displays on the user's desktop some of the malicious files it installs. This makes the attack notification more believable.
The attack is detected as Trojan.Generic.Win32(SHA:0b00649c14b96219dd080a0ce6492c4d04c7f45c) and is currently recognized by 19 of the 41 engines on Virus Total.
Carl Leonard, Senior Research Manager, Websense security labs said: “What distinguishes this rogue Anti-Virus campaign from others we have seen is that it displays on your desktop some of the malicious files it installs. This makes the attack notification more believable. A business seriously needs to consider a solution that will provide it with real time security in order to mitigate the threat of the modern day cyber criminal.”
Get most out of your technology infrastructure investments with Dell
About CIOL | Media Kit | Site Map | Contact Us | Help | Write to us | Jobs@CyberMedia | Privacy Policy
Copyright © CyberMedia India Online Ltd. All rights reserved. Usage of content from web site is subject to Terms and Conditions.