検索:
ホーム   »     »   MyTob Link Spammed in Email

MyTob Link Spammed in Email

  • 投稿日:2006年1月9日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0

There is a new MyTob variant that is making the round on the net. It successfully propagates by sending a fake email with the embedded link pointing to the copy of itself. See below for the email details.


Subject: Account Alert

Email Details:



Sincerely, {random} Security Department

http://www.{random}/confirm.php?account={random}

Dear Valued Member,

According to our terms of services, you will have to confirm your e-mail by the following link, or your account will be suspended within 24 hours for security reasons.

After following the instructions in the sheet, your account will not be interrupted and will continue as normal.

Thanks for your attention to this request. We apologize for any inconvenience.





The link being displayed in the email actually points to
http://204.{blocked}/Confirmation_Sheet.pif, which is the copy of the worm itself.


It also has a backdoor capability wherein the attacker can retrieve system information and download and execute file on the affected system by joining the affected system to an ‘attacker-owned’ IRC server.


Note:


The malicious file has been given the detection name WORM_MYTOB.MR.


No related posts.



  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2018 Trend Micro Incorporated. All rights reserved.