Thanks to ISC reader Tom for passing on yet another socially engineered attempt to install malware in victim's PCs. This time a "Bank of America Digital Certificate Updating" scheme is used, where a victim of the luring EMail is directed to a fake website that looks like this: (I really like the "If you receive a 'potential scripting violation'... advice heh-heh) Using the <Update Certificate> button here will net you a piece of Malware that has approximately %30 AV coverage (as indicated by VirusTotal). A quick analysis of said malware shows probable signs of, suprise-suprise, Waledac...
G.N. White Handler on duty (no certificate necessary)
|
G. N. 23 Posts Jun 1st 2009 |
Thread locked Subscribe |
Jun 1st 2009 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!