Análisis realizado por Mark Christian Aquino

Qantas Airways is the latest company to be spoofed by cybercriminals for a spam run. We recently encountered spam mail pretending to be legitimate email from the Australian flag carrier.

The email contains supposed itinerary details for a particular flight. It also urges the recipient to open the attached .ZIP file attachment. However, the attachment only contains an executable file, which is verified to be malicious. The executable file is a backdoor, detected by Trend Micro as BKDR_ANDROM.DSA.

Users are encouraged to be cautious when opening emails and attachments, even if the source appears reputable.

 Fecha/hora de bloqueo del spam: 19 de febrero de 2013 GMT-8
 TMASE
  • Motor TMASE: 7.0
  • Patrón TMASE: AS 9646