Dating Spam Arrives with Backdoor Application
2011年3月16日
One of the easiest ways for cybercriminals to lure users into their traps is to appeal to human curiosity. In the case of a recent dating spam sample, recipients are enticed to open the attached .ZIP file with the promise of nude photos. Once users open the file, PICOFME.ZIP, they will instead see a .SCR file detected as .
Upon installation, the backdoor application drops copies of itself on the affected system and opens TCP port 6667. It then proceeds to connect to a URL to receive commands from a remote malicious user.
Following commands sent by a remote malicious user, this backdoor application can download and execute its updated copy or other malware, gather system information, and stop or start services. It also joins the IRC channel #AllNiteCafe.
live casino online advises users to simply delete such emails, especially if they come from unknown senders, to prevent system infection.
Upon installation, the backdoor application drops copies of itself on the affected system and opens TCP port 6667. It then proceeds to connect to a URL to receive commands from a remote malicious user.
Following commands sent by a remote malicious user, this backdoor application can download and execute its updated copy or other malware, gather system information, and stop or start services. It also joins the IRC channel #AllNiteCafe.
live casino online advises users to simply delete such emails, especially if they come from unknown senders, to prevent system infection.
&苍产蝉辫;スパムブロック日时&苍产蝉辫;: 2011年3月16日 1:41:00 GMT-8
TMASE
- 罢惭础厂贰エンジン:6.5
- 罢惭础厂贰パターンバージョン:8014