Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Websense: Security Alert

November 2008 by Websense

Websense Security Labs ThreatSeeker Network has discovered that malware authors are capitalizing on the recently announced results of the 2008 US Presidential election. Malicious email lures are being sent promising a video showing an interview with the advisors to the recently elected US President.

The email actually contains links to a file called ’BarackObama.exe’ hosted on a compromised travel site at hxxp://*snip*.com/web/BarackObama.exe. This file is a Trojan Downloader with MD5 9720d70a5da9ca442ecf41e9269f5a27. Upon execution files called system.exe and firewall.exe are dropped into the system directory. A phishing kit is unpacked locally, and the dropped files are bound to startup. The hosts file is also modified.

Major anti-virus vendors are not detecting this Trojan Horse.

Websense Messaging and Websense Web Security customers are protected against these threats.

See previous articles


See next articles