Fake sales invoice includes downloader.
A new spam campaign claiming to be information on an order for a new
iPod
is accompanied by a trojan which, when run, attempts to download more malware to the victim machine.
The spam states a purchase of a new music player has been made at
Yahoo Shopping
, and is due to be shipped by
FedEx
. It goes on to instruct recipients to check in the attached zip file for further details. When the self-extractor is run, the trojan is unleashed. Poor spelling and sloppy design, as well as not having ordered an
iPod
, should tip off readers that the email is suspicious.
Detection for the new Trojan, variously called ‘Dowdec’and ‘Goldun’, is being updated by AV companies.
Posted on 30 August 2006 by
Virus Bulletin
Leave a Reply