The Latest in IT Security

Fake Virgin Blue Itinerary Email Soars with Malware


Websense Security Labs™ ThreatSeeker™ Network detected a slew of fake Virgin Blue Itinerary emails.  The email contains a malicious zip attachment called, which contains the malicious binary file Virgin-Itinerary.pdf.XXXXX.exe.

When clicked, the binary copies itself as svchost.exe in the c:\Documents and Settings\All Users directory and then adds a run registry key to run the sample at boot time.  More information on the behavior and activities of the malicious binary file Virgin-Itinerary.pdf.XXXXX.exe can be found in our ThreatScope report here.  

Virgin Australia issued an advisory on this incident earlier today via their twitter page:

Websense customers are protected from these and other threats by ACE, our Advanced Classification Engine.

Special thanks to: Tamas Rudnai

Leave a reply


TUESDAY, MAY 22, 2018



Latest Comments

Social Networks