Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: False scare email proclaiming North Korea nuclear launch against Japan - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
False scare email proclaiming North Korea nuclear launch against Japan

Reader Jim informed us about a scare email tactic that is trying to entice users to open a malicious zip file. The email looks very well done and is supposedly written by the US Department of National Intelligence.  The email basically warns that North Korea has launched a missile at Japan (Okinawa) and that severe destruction has been reported.  At the end of a massive list of US agencies, there is a link to a report.zip file with an executable that doesn't seem to have much virus coverage at the moment.  Only Symantec is identifying it as Suspicious.Insight.  Here is another forum discussing this activity today: http://forums.malwarebytes.org/index.php?showtopic=42360.

It is a shame that Global Thermonuclear War is being used to drop lame viruses.

-Kyle Haugsness

 

Kyle

112 Posts
Nothing on my end. For those who didn't see my comment on the last article about bad emails - http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt
Anonymous
Posts
VirusTotal is picking up on 8/41 for the exe: http://www.virustotal.com/analisis/78ffd2ea27a324d05085e905e12d746d047885f35f749a3f167b14b6fa6a1cee-1267894855

ThreatExpert: http://www.threatexpert.com/report.aspx?md5=4bc11a21f53f134afc0eccf627e63ae2
Anonymous
Posts
VirusTotal is picking up on 8/41 for the exe: http://www.virustotal.com/analisis/78ffd2ea27a324d05085e905e12d746d047885f35f749a3f167b14b6fa6a1cee-1267894855

ThreatExpert: http://www.threatexpert.com/report.aspx?md5=4bc11a21f53f134afc0eccf627e63ae2
Anonymous
Posts

Sign Up for Free or Log In to start participating in the conversation!