Halloween Deception:

Humpty · October 30, 2007

Websense? Security Labs? has discovered a new Trojan Horse information stealer that is being emailed out as a Halloween Greeting Card in Mexico.

To date we have seen four unique sites being spammed out all with the same binary file. They were in Korea, Brazil, and Russia, and were all up and running at the time of this alert. The file is called "hallowenDay.exe" and has an MD5 of (65cd5a35bc70075f86cb6404f54d67b8). It is also poorly detected by anti-virus signatures.

Assuming users access the site and select to run the file a Trojan Horse is downloaded onto their machine which is designed to steal banking information from users, the file appears to also be packed with a unique custom packer.

We expect to see additional email lures and malicious websites on our radar with Halloween night quickly approaching. The email is written in HTML and has a variety of subject lines.

Article

ishan_rulz · October 30, 2007

Vaguely .. reminds me of the notorious Friday the 13th Virus

ishan_rulz · October 30, 2007

purrrfect .. halloween gift for the newbies ..

JDPower · October 31, 2007

Vaguely .. reminds me of the notorious Friday the 13th Virus

purrrfect .. halloween gift for the newbies ..

Still not mastered that edit button? :rolleyes:

ishan_rulz · October 31, 2007

Still not mastered that edit button?

haha .. u got that rite JD .. .. lmao

Sign In

Halloween Deception:

Recommended Posts

Humpty

Link to comment

Share on other sites

ishan_rulz

Link to comment

Share on other sites

ishan_rulz

Link to comment

Share on other sites

JDPower

Link to comment

Share on other sites

ishan_rulz

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Browse

Activity

Home

Mobile

Business

Important Information