New malware spam targets HR departments

By siliconindia   |   Thursday, 13 May 2010, 21:55 IST   |    1 Comments
Printer Print Email Email
New malware spam targets HR departments
Bangalore: A job-search related malware spam has been uncovered by the researchers of Websense Security Labs. The spam targets the inboxes of HR executives and infects their computers. The spam asks the receiver to review a CV without mentioning anything about the position applied for. The spam also contains some attachments that are disguised as picture files. According to the researchers of Websense, over 230,000 samples have been found so far, and the number is increasing quickly. The spam contains a ZIP file attached to it. Inside the ZIP file is an executable that contains the Oficla bot. This connects to a URL in the davidopolko.ru domain for its C&C functions. According to VirusTotal, a free virus and malware online scan service, over half of the AV vendors have detection for this attack. When it is run, the wallpaper gets changed telling that the computer is infected. After that it starts to download and install Security essentials 2010, a rogue anti-spyware application that is promoted and installed through the use of Trojans and other malicious software. According to Carl Leonard, Websense Security Research Manager-EMEA, this kind of malicious activity is indicative of the modern day hackers, whose purpose is to steal data. To defend against modern malware a business should have comprehensive content security protection that moves in tandem with the ever advancing cybercrime community, he said.

siliconindia