Today, I got lot of mails with subject: Happy 2009 from noodles@ma2.seikyou.ne.jp with this text:
From: Maria [mailto:noodles@ma2.seikyou.ne.jp]
Sent: Thu 1/3/2002 12:53 PM
To: @STRGP3
Subject: Happy 2009!
Maria sent you a New Year postcard.
Collect it here: http://youryearcard.com/?cardnum=d06657452eb0162e3
Best Wishes, Christmas-Egreetings
Clearly it was spam, as the card downloads an executable, which is a virus.
Here's more information about the virus: http://safeweb.norton.com/report/show?name=youryearcard.com :
Hard to Uninstall (what's this?)
Threats found: 3
Here is a complete list:
Threat Name: Hard to Uninstall
Signature (MD5): ccddda141a19d693ad9cb206f2ae0de9
Location: http://youryearcard.com/postcard.exe
Threat Name: Hard to Uninstall
Signature (MD5): ccddda141a19d693ad9cb206f2ae0de9
Location: http://itsfatherchristmas.com/postcard.exe
Threat Name: Hard to Uninstall
Signature (MD5): 044317a6e6a482e5d491d2cac932d3fd
Location: http://superyearcard.com/postcard.exe
Threats found: 2
Here is a complete list:
Threat Name: 4336
File name: /apps/Symantec/shasta/analysis/cache/cache_25/postcard.exe
Signature (MD5): ccddda141a19d693ad9cb206f2ae0de9
Location: http://itsfatherchristmas.com/postcard.exe
Threat Name: 4336
File name: /apps/Symantec/shasta/analysis/cache/cache_4/postcard.exe
Signature (MD5): 044317a6e6a482e5d491d2cac932d3fd
Location: http://superyearcard.com/postcard.exe
Subscribe to:
Post Comments (Atom)
Posts
2 comments:
Say I happened to have been a bit naive and did happen to try to collect the Ecard. Immediately after realizing what I had just done, I disconnected from the internet, terminated the process, and deleted the exe. But, have I done enough? Am I doomed to assist this foul harvest of email addresses?
Hi Odul,
I recommend a virus scan with latest updates. Here's more news about this:
http://vil.nai.com/vil/content/v_153670.htm
http://garwarner.blogspot.com/
- Vikram
Post a Comment