Hey, you put your Trojan in my spam!
A Trojan in my spam? True. The most recent version of malicious code that we are seeing being delivered by spam is a Trojan in greeting card spam. Malicious code in spam has been around off and on for some time. We’ve even blogged about it in the past; here (from January 2007) and it appears that at least one more spammer thinks it is a novel tactic.
We’ve observed over 18 million of these spam messages in the past few days and have successfully blocked the ones we have seen. Each of the messages we’ve seen so far has a Hong Kong domain (.hk ) in the subject line. Messages containing this Trojan are easy to spot, carrying subject lines such as:
Subject: Mima sent you a .hk! Greeting
Subject: Martha sent you a ..hk! Greeting
The body of the message appears to be a greeting card and instructs the recipient to click the link to view the greeting card. Do not click the link, as it allows infection by the Trojan. Decidedly not a friendly greeting card.