
SANS ISC: Yet another "Digital Certificate" malware campaign SANS ISC InfoSec Forums



Thanks to ISC reader Tom for passing on yet another socially engineered attempt to install malware on victims' PCs.

This time a "Bank of America Digital Certificate Updating" scheme is used, where a victim of the luring email is directed to a fake website that looks like this:

 

(I really like the "If you receive a 'potential scripting violation'..." advice, heh-heh)

Using the <Update Certificate> button here will net you a piece of malware that has approximately 30% AV coverage (as indicated by VirusTotal). A quick analysis of said malware shows probable signs of, surprise, surprise, Waledac...

 

G.N. White

Handler on duty  (no certificate necessary)

 

 

G. N.

Jun 1st 2009
