New job-search related malware spam outbreak detected

May 13, 2010

BANGALORE, INDIA: Websense Security Labs researchers have uncovered a new job-search related malware spam outbreak today.

Websense said the spam is designed to target the inboxes of Human Resources staff in order to infect their computers, and asks them to review a CV without stating what position the application is for.

Moreover, some attachments are disguised as picture files, which might further catch recipients off guard and make them open the attachment. Websense has seen more than 230,000 samples in 4 hours this morning, and the number is increasing quickly.
 
According to a company press release, the ZIP file contains an executable carrying the Oficla bot, which connects to a URL in the davidopolko.ru domain for its command-and-control (C&C) functions. According to VirusTotal, just over half of the AV vendors have detection for this attack.
 
Once run, it changes the wallpaper to a message telling you that your PC is infected, after which it downloads and installs a rogue AV called Security Essentials 2010.
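A mail-gateway style check for the attachment pattern described above, as an added example that is not from Websense or the original article: it flags ZIP members whose content begins with the Windows executable `MZ` header, including members named like pictures. The extension lists, file names and sample bytes are constructed assumptions.

```python
import io
import os
import zipfile

IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".bmp"}  # assumed list
EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}            # assumed list

def scan_zip_attachment(data):
    """Return (member_name, reason) findings for one ZIP attachment."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [("<archive>", "not a readable ZIP")]
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            ext = os.path.splitext(info.filename)[1].lower()
            if info.flag_bits & 0x1:
                # Encrypted members cannot be inspected; report them.
                findings.append((info.filename, "encrypted member"))
                continue
            with zf.open(info) as fh:
                head = fh.read(2)
            if head == b"MZ":
                # Content is a DOS/PE executable whatever the name says.
                reason = ("executable content with image extension"
                          if ext in IMAGE_EXTS else "executable content")
                findings.append((info.filename, reason))
            elif ext in EXEC_EXTS:
                findings.append((info.filename, "executable extension"))
    return findings

def build_sample_zip(members):
    """Build an in-memory ZIP from {name: bytes}; used for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    return buf.getvalue()

if __name__ == "__main__":
    # Constructed sample: a harmless stub with an MZ header, named like a photo.
    sample = build_sample_zip({
        "CV_photo.jpg": b"MZ" + b"\x00" * 62,
        "cover_letter.txt": b"Please review my CV.",
    })
    for name, reason in scan_zip_attachment(sample):
        print(f"{name}: {reason}")
```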

___________________________________________________________________________________________________________

Comment from Carl Leonard, Websense Security Research Manager — EMEA:
 
“HR departments are used to receiving CVs over email and this kind of malicious activity is indicative of the modern-day hacker. The broad-brush approach to seeding malware is now out of favour; fraudsters know they can infect more computers, and steal more data, if they use techniques that fit the target.”

“To defend against modern malware a business should have comprehensive content security protection that moves in tandem with the ever-advancing cybercrime community. A business seriously needs to consider a solution that will provide it with real-time security across multiple platforms. This is the only way to mitigate the threat of the modern-day cyber criminal.”
