False scare email proclaiming North Korea nuclear launch against Japan

Published: 2010-03-05. Last Updated: 2010-03-05 21:08:31 UTC
by Kyle Haugsness (Version: 1)
3 comment(s)

Reader Jim informed us about a scare email tactic that is trying to entice users to open a malicious zip file. The email looks very well done and is supposedly written by the US Department of National Intelligence.  The email basically warns that North Korea has launched a missile at Japan (Okinawa) and that severe destruction has been reported.  At the end of a massive list of US agencies, there is a link to a report.zip file with an executable that doesn't seem to have much virus coverage at the moment.  Only Symantec is identifying it as Suspicious.Insight.  Here is another forum discussing this activity today: http://forums.malwarebytes.org/index.php?showtopic=42360.

It is a shame that Global Thermonuclear War is being used to drop lame viruses.

-Kyle Haugsness

 

3 comment(s)

Comments

Nothing on my end. For those who didn't see my comment on the last article about bad emails - http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt
VirusTotal is picking up on 8/41 for the exe: http://www.virustotal.com/analisis/78ffd2ea27a324d05085e905e12d746d047885f35f749a3f167b14b6fa6a1cee-1267894855

ThreatExpert: http://www.threatexpert.com/report.aspx?md5=4bc11a21f53f134afc0eccf627e63ae2
VirusTotal is picking up on 8/41 for the exe: http://www.virustotal.com/analisis/78ffd2ea27a324d05085e905e12d746d047885f35f749a3f167b14b6fa6a1cee-1267894855

ThreatExpert: http://www.threatexpert.com/report.aspx?md5=4bc11a21f53f134afc0eccf627e63ae2

Diary Archives