
DHL Shipment Notice Malware

By Mike Donnell on Nov 11th, 2011

Categories: malware, virus, email security
Tags: malware

Below is an example of a recent malware-infected email attempting to spread the Bredolab (bredozip) trojan. Similar versions of failed delivery notification spam using other shipping companies are now standard threats that users should be aware of.

In these attacks, the recipient gets a package shipment notice that looks very authentic. When they open the email attachment or click an embedded web link, the virus infects the host PC. This is normally the first phase of the attack, which sets off a chain reaction of events. Bredolab is a downloader trojan, meaning it's designed to download other pieces of malware and further infect the machine. These can be any malware of the attacker's choosing, including keyloggers, data-stealing or banking trojans, spambots that send more infected emails, or any number of other malicious activities. Having a good email security solution (like the eSoft Email ThreatPak) will normally prevent infections from taking hold.

Note the “Attachment deleted….Virus: Suspect Bredozip-zippwd-2” at the bottom of the message, indicating that the eSoft InstaGate identified the zip file with the embedded virus and stripped it out of the message.
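The kind of attachment stripping described above can be sketched as follows. This is an added example, not eSoft's code or detection method: the rule it uses (a zip attachment containing a file with an executable extension) is an assumed heuristic, and the message, addresses and file names are constructed sample data.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed heuristic: zip members with these extensions count as executable.
EXEC_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs")

def suspicious_members(zip_bytes):
    """Return executable-looking member names, or a marker if the zip is unreadable."""
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
            return [n for n in zf.namelist() if n.lower().endswith(EXEC_EXT)]
    except zipfile.BadZipFile:
        return ["<unreadable zip>"]

def strip_suspect_zips(raw):
    """Replace zip attachments that hold executables with a plain-text notice."""
    msg = message_from_bytes(raw, policy=policy.default)
    removed = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True)
        # Detect zips by content, not by file name or declared MIME type.
        if not data or not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        hits = suspicious_members(data)
        if hits:
            name = part.get_filename() or "<unnamed>"
            removed.append((name, hits))
            part.set_content(f"Attachment deleted: {name} contained {', '.join(hits)}")
    return msg, removed

def build_sample():
    """Constructed sample: fake shipment notice whose zip holds a dummy .exe."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("DHL_document.exe", b"harmless placeholder bytes")
    msg = EmailMessage()
    msg["Subject"] = "DHL shipment notice (constructed sample)"
    msg["From"] = "notice@example.test"
    msg["To"] = "user@example.test"
    msg.set_content("Your package could not be delivered. See the attached label.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="DHL_label.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    cleaned, removed = strip_suspect_zips(build_sample())
    for name, hits in removed:
        print(f"stripped {name}: {hits}")
```

A name-based check like this is only a first filter; it does not replace signature or content scanning of the archive members.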

