The Latest in IT Security

IRS Notification Letter Email scam


The Chepvil malware which comes via email as an attachment using another trick to spread, you may receive email stating that it is from and the subject “IRS Notification Letter”. The email as shown below

The attachment comes with the names IRS document.rar. On extracting user gets an executable file with the pdf file icon.

If user open this execuable it then downloads files pusk.exe/pusk2.exe/pusk3.exe. As we can see from the http traffic:

The file pusk*.exe works as a rogueware application “Windows XP Repair” as shown below:

As usual it displays fake threat messages on the screen and forces the user to register the product
in order to remove these fake threats.

If you come across such E-mails do not open the attachment. Instead delete them and keep your Antivirus updated. Quick Heal detects the malicious attached file as “Trojan.Chepvil.K” and also block the domain. So users are already protected.
We recommend users not to open such attachments from the unknown emails.

Thanks Mahesh

Leave a reply


MONDAY, MAY 17, 2021

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments