Jump to content

New Buzus Distribution Campaign Generates Wave of Fake Emails

Starbuck
 Share

Recommended Posts

  • ExTS Admin
Starbuck Newbie

Starbuck

Posted
  • ExTS Admin
Posted

http://img.photobucket.com/albums/v708/starbuck50/new/New-Trojan-Abuses-Popular-Remote-Control-Software-2.jpg Security researchers from antivirus vendor Sophos warn of a new wave of emails distributing a new variant of the Buzus malware, which masquerade as official communications from major websites.

 

Some of the rogue emails pose as a job application response from Google and purport to come from a resume-thanks@google.com address.

 

The message contained within reads: "We just received your resume and would like to thank you for your interest in working at Google. This email confirms that your application has been submitted for an open position."

 

It goes on to instruct recipients to open the attached file which is allegedly a review of the submitted application.

 

The file, called CV-20100120-112.zip, contains an installer for the Buzus worm which spreads by sending the emails through an external SMTP server and copying itself to removable USB devices.

 

The malware, detected as W32/AutoRun-BHX by Sophos, is also known to create copies of itself within folders usually shared by P2P applications with names suggesting cracks for popular applications.

 

Other Buzus distribution emails masquerade as unread message notifications from Facebook and carry a "Facebook message.zip" file.

 

"You have got a personal message on Facebook from your friend. To read it please check the attachment," the rogue emails read.

 

Additional spoofed communications which are part of the same campaign purport to come from Twitter, hi5, Amazon and Hallmark. They look identical to a similar wave of rogue emails reported by security vendors in October last year, suggesting that the malware authors only updated the Buzus version.

 

"Always be suspicious of unsolicited email attachments, and ensure that your anti-virus protection is up-to-date. Malware campaigns can take different disguises and users must learn to be on their guard," warns Graham Cluley, senior technology consultant at Sophos.

 

 

Source:

New Buzus Distribution Campaign Generates Wave of Fake Emails - Softpedia

Member of:

UNITE

  • Replies 0
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...