May 26, 2009The Malware Keeps Coming
North Carolina State University computers are still at it, this time with yet a different brand name ploy. Ladies and gentlemen, I give you Amazon.com:
This one is disguised as a shipping update notification. I get legitimate ones of these now and again from Amazon.com, but the real ones never contain an attachment. The attachment, Shipping documents.zip, drew the same 25% VirusTotal score as the hi5.com attachment (including identical malware identifications, but different hash values).
Add a fake Twitter invitation to the mix now ("Subject: Your friend invited you to twitter!"). I think I'll give it a rest.
Time to pull the plug on ncsu.edu?Posted on May 26, 2009 at 01:57 PM