Malware being distributed pretending to be from AU Fedcourts
Last Updated: 2016-07-08 01:48:59 UTC
by Mark Hofman (Version: 1)
Earlier today people have started reporting that they have received a subpoena email from the Australian Federal courts.
The email links through to a various compromised sites which redirect the user to a federalcircuitcourt.net web server. Once on the web server you are expected to enter a number and the captcha shown before a case.js file is downloaded.
The case.js file is being looked at at the moment and the diary will be updated with any findings. In the mean time feel free to block the domain federalcircuitcourt.net in your web proxies. This is not a legitimate domain.
The federal circuit court has issued a media release --> http://www.federalcircuitcourt.gov.au/wps/wcm/connect/fccweb/about/news/mr080716
If you receive one of these emails feel free to contact us via the contact form and if you can provide the headers of the email and the URL being used for the link that would be appreciated.
Mark H - Shearwater