September 10, 2007Another Malware Lure. Not So Stormy?
Here is the malware lure du jour:
Subject: You have just recieved a NEW message!
You have just recieved a new Google Message!
You can view your message here: http://www.google.com/gmsgid=4289472
Note: If you do not already have Google Message Viewer installed, you will be prompted to install it.
The Google URL is an HTML link bearing a hidden actual destination at a hijacked South Korean computer on a broadband connection. The destination automatically downloads a file named GoogleSetup.exe. It's a new one, which very few antivirus products have definitions for as I write this.
This one doesn't seem to be as clever (or as correctly spelled) as the recent Storm invasions. Probably an independent production.Posted on September 10, 2007 at 01:03 PM