» Topic:  Real News with Real Malware

» Added by:  lan

» Date:  5.6.2007

  The latest malware spam run is using gripping news headlines as email subjects to hook in unsuspecting victims. And while this is not something new, the use of actual news headlines can make it more difficult to distinguish it as malicious.

SANS ISC reports that the following have been used as subject lines:

Re: U.S. violent crime up again, more murders, robberies
Man Awakens From 19-Year Coma
Law hits Las Vegas 'fake' bands

Also, body text may include any of the following:

Decade Of Mystery: John Ramsey Speaks
Man wakes from 19-year coma in
Poland US vows to pursue hunt for missing soldiers
Password for submitted attachment is xxx

Attachments are password protected Zip archives with random filenames but appear to come from news organizations. The binary inside has the filename v245o.exe and is now detected as Backdoor:W32/Spamuwi.A using database update 2007-06-05_01.

Source : http://www.f-secure.com/