Jump to content


Malicious Code: IRS scam downloading new Trojan Horse

  • Please log in to reply
No replies to this topic

#1 AplusWebMaster



  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 06 June 2007 - 08:03 PM


- http://www.websense....php?AlertID=779
June 06, 2007 ~ "...New email spam variant similar to attacks previously launched on the IRS and Better Business Bureau. The spoofed email claims to be from the Internal Revenue Service (IRS). The message claims that IRS is investigating the recipient and the recipient's company for tax fraud. The email prompts the reader download a document to help resolve the issue. The document is an executable written in Delphi with the MD5 of (9d0252348a2b470be5950c216993f7ce). The infected document was not detected by any anti-virus programs we tested. The filename is Complaint.doc.exe, and is hosted on a server based in China. The server was up at the time of this alert. We are completing our analysis, but this appears to be a Trojan Horse and will not run on all systems..."

(Screenshot available at the URL above.)

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...

Member of UNITE
Support SpywareInfo Forum - click the button