Spam Pose as Google Non-Delivery Report, Contains Trojan Attachment
Publish date: 01 de septiembre de 2015
Trend Micro engineers came across spam mail which appear to be non-delivery reports or undelivered mail notice from mx.google.com. Upon further investigation, these messages are verified to be falsely coming from Google. These messages have varying sender addresses.
The spammed messages contain .ZIP attachments that use file names beginning with Google_Mail or Google_Drive. Opening the attachment executes a malicious JavaScript that downloads other probably malicious files. For Trend Micro product users, the spam is blocked and the malicious script, detected as JS_NEMUCOD.XXUK, is prevented from executing on the affected computer.
Fecha/hora de bloqueo del spam: 01 de septiembre de 2015 GMT-8
TMASE
- Motor TMASE:8.0
- Patrón TMASE: 1786