Trojan downloader behind .co.cc URL.
Researchers at
Vircom
have discovered a junk fax with an ‘unsubscribe’ URL which contained a trojan downloader.
Junk faxes (also known as ‘fax spam’), have been common since the late 1980s. Apart from being a nuisance, they are a waste of paper and ink. Many users would thus be happy to find a way to stop receiving them – and the URL printed at the bottom of this fax promised exactly that.
Upon further investigation, however, it was found that the URL did not unsubscribe the user from the senders’ lists; rather, it attempts to infect them with a trojan downloader.
Given that the URL lives on a subdomain of
.co.cc
, which offers free subdomain redirection and has a
long history
of hosting malware and spamvertisements, experts will not find this surprising. However, to most recipients, the URL will have appeared legitimate and harmless.
More at
Vircom
‘s
Email Security Matters
blog
here
.
Posted on 24 February 2012 by
Virus Bulletin
Leave a Reply