dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1035
share rss forum feed


Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
kudos:4

1 recommendation

Warning: Pixmania gift voucher email contains trojan in ZIP

Very seldom (last time was years ago) I receive emails with malicious content, however yesterday I received the Pixmania gift voucher email too so following article written by MX Lab draw my attention:

quote:
MX Lab started to intercept a new trojan distribution campaign by email with the subject “Pixmania.com gift voucher code”.

The email is send from “Pixmania.com” with a spoofed email address and has the following body: [see attached pic]

The attached ZIP file has the name voucher.zip and contains the 122 kB large file voucher.scr.

The trojan is known as a variant of Win32/Kryptik.ARTR, Trojan.Generic.KD.823865, Artemis!32D03167D51A or WS.Reputation.1.

At the time of writing, 13 of the 45 AV engines did detect the trojan at Virus Total.

Virus Total permalink and SHA256: 088aa2ff181efea185749728f40eb8005e0cbf5ae13acf0823ad32aecdccc843.
Article source: »blog.mxlab.eu/2013/01/09/pixmani···ip-file/
--
»bit.ly/gUqYaH - C. Brian Smith: Think of the exclamation point as a car horn: a little goes a long way. Lay on it too hard and everyone’s going to think you’re a moron.

TheMG
Premium
join:2007-09-04
Canada
kudos:3
Reviews:
·NorthWest Tel
Anyone who falls for this needs a serious lesson in computer security.

Many things about that email should raise a lot of suspicion and alert the user that it is a fake.

First of all, the email address that it appears to be sent from. The email account name is just random letters. The domain isn't even pixmania.com.

Secondly, why put the voucher code inside a zip file when it can be simply included in text in the email?

Lastly, the fact that the zip file contains a .scr, which is an EXECUTABLE Windows screen saver file, should scream ALERT ALERT ALERT!!!!!!


La Luna
RIP Lisa
Premium
join:2001-07-12
Warwick, NY
kudos:3

1 recommendation

Do you know how many people don't know about ANY of what you said? Millions. Hence the reason why this malware is still around.....it works.


Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
kudos:4
Thanks La Luna See Profile, you see it the right way, many people don't scream ALERT ALERT ALERT!!!!!!. Instead they will scream €100 100€ €100 from Pixmania, it's my lucky day!
--
»bit.ly/gUqYaH - C. Brian Smith: Think of the exclamation point as a car horn: a little goes a long way. Lay on it too hard and everyone’s going to think you’re a moron.

TheMG
Premium
join:2007-09-04
Canada
kudos:3
Reviews:
·NorthWest Tel
reply to La Luna
said by La Luna:

Do you know how many people don't know about ANY of what you said? Millions. Hence the reason why this malware is still around.....it works.

Sad but true.

Unfortunately, education about computer security is still very scarce.

It needs to change!


goalieskates
Premium
join:2004-09-12
land of big
reply to Smokey Bear
Oh, man. I had no clue what pixmania even was till I googled it. So I'd have deleted it as spam if my software didn't already.

Thanks for the heads up, though.