Symantec Blogs: Security ResponseSyndicate content

Trojan.Bredolab is Making Yet Another Comeback.
Shunichi Imano | October 27th, 2009
0 comments
Security Response is aware of a new round of spam replacing old DHL and UPS themes in an attempt to spread Trojan.Bredolab.

Taking a Closer Look at Trojan.Bredolab
Bredolab Delivers More Parcels and Cash
 

This time the email is masquerading as a notification from Facebook that the recipient’s password has been reset.

Facebook.PNG
 
The message comes with a .zip file containing a malicious .exe file. Symantec detects the .exe files as Trojan.Bredolab.

This...
Read more
Tags: Security, Security Response, Malicious Code, Spam, Endpoint Protection (AntiVirus)
Email Spoofed from Japanese Government Agency Targets Japanese Companies
Shunichi Imano | April 14th, 2008
0 comments
Today, April 14th, 2008, Symantec Security Response received reports from a number of our customers regarding a possible targeted spam attack against several Japanese companies.

The spam email associated with this attack spoofs itself as an email from a Japanese government agency and entices the user to open the attached .zip file to check recent organizational changes. The attached .zip file contains 2 files: 0414.xls and 0414.exe. 0414.xls is a legitimate file containing a list of names, addresses, and personnel positions that may or may not really exist. There is no evidence to suggest that any exploit attempts are made on this file.

However, the other file, 0414.exe, is a variant of Backdoor.Darkmoon, which has a keylogging capabilities. At the time of writing, we have seen several variants of...

Read more
Tags: Security, Security Response, Spam, Endpoint Protection (AntiVirus)