e-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer.

There are two public broadcast TV stations at Colombia. We received a report that a e-mail is out there claiming to be from one of the stations and announcing they have the video of Fidel Castro's funeral:


The URL points to a UK server and downloads a nasty little malware done in Visual Basic that changes Windows parameters and recolects info from your computer. The trojan used to upload the malware is located on the same directory:

Netshell Screenshot

We encourage Web server admins to keep updated security patch and avoid default configurations on web servers that could allow attackers to upload these kind of files to your webserver. This backdoor is pure php and, as you can see, has a lot of useful options.

Please keep in mind also that clicking URL links inside e-mail is dangerous. Always go to the web server typing yourself the URL.

-- Manuel Humberto Santander Peláez  |  http://twitter.com/manuelsantander  |  http://manuel.santander.name


Manuel Humberto Santander Pelaacuteez

195 Posts
ISC Handler
May 23rd 2010

Sign Up for Free or Log In to start participating in the conversation!