Users are receiving emails which pretends to be from iTune store. These are specially crafted emails, which lure the users by assuring them that they are few lucky ones to be selected for Gift Certificate of amount $50.
Further the email asks the users to open the the attached zip file with the mail to find out the certificate code.
Once the users extracted the zip file and try to open the file, the malware gets executed on their machine and there is no Gift certificates.
The email which i received for analysis, contained a Backdoor.Cycbot.G file. On execution it allows attackers unauthorized access and control of an affected computer. After a computer is infected, the malware connects to a specific IRC server and joins a specific channel to receive commands from attackers.
Quick Heal successfully detects the malware and protect it’s users.
Leave a reply