The Latest in IT Security

Fake Virgin Blue Itinerary Email Soars with Malware

13
Dec
2012

Websense Security Labs™ ThreatSeeker™ Network detected a slew of fake Virgin Blue Itinerary emails.  The email contains a malicious zip attachment called Virgin-Itinerary.pdf.zip, which contains the malicious binary file Virgin-Itinerary.pdf.XXXXX.exe.

When clicked, the binary copies itself as svchost.exe in the c:\Documents and Settings\All Users directory and then adds a run registry key to run the sample at boot time.  More information on the behavior and activities of the malicious binary file Virgin-Itinerary.pdf.XXXXX.exe can be found in our ThreatScope report here.  

Virgin Australia issued an advisory on this incident earlier today via their twitter page:  https://twitter.com/VirginAustralia

Websense customers are protected from these and other threats by ACE, our Advanced Classification Engine.

Special thanks to: Tamas Rudnai

Leave a reply


Categories

SUNDAY, AUGUST 19, 2018

Featured

Archives

Latest Comments

Social Networks