Spam Pose as Google Non-Delivery Report, Contains Trojan Attachment
Data de publicação: 01 setembro 2015
Trend Micro engineers came across spam mail which appear to be non-delivery reports or undelivered mail notice from mx.google.com. Upon further investigation, these messages are verified to be falsely coming from Google. These messages have varying sender addresses.
The spammed messages contain .ZIP attachments that use file names beginning with Google_Mail or Google_Drive. Opening the attachment executes a malicious JavaScript that downloads other probably malicious files. For Trend Micro product users, the spam is blocked and the malicious script, detected as JS_NEMUCOD.XXUK, is prevented from executing on the affected computer.
Data/Hora do bloqueio de spam: 01 setembro 2015 GMT-8
TMASE
- Versão do mecan
- Patrón TMASE: 1786