WALEDAC Spamming Madness

Aside from spamming our mailboxes with dire news of bombings in our local cities, WALEDAC is also very busy filling our mailboxes with more unwanted emails, this time peddling various pills, meds, and male enhancements. Here’s a gallery of pharma vendors advertised in Waledac spam mails.

Figure 1. Canadian Pharmacy, a known long time [...]

Ichitaro Exploits Progress

On March 11, Regional TrendLabs in Japan found a zero-day exploit attack that targeted Just System’s well-known Japanese word processor, Ichitaro. The malware exploiting the vulnerability was observed arriving via spam and via malicious websites, using the Ichitaro file extension, .JTD. The malware (TROJ_TARODROP.BA) drops a file {random letters}.tmp (TROJ_DROPPER.PAO) that [...]

Complex Malcode Behind ILOMO Reinfection

Last week, Trend Micro was alerted to the increasing number of ILOMO infections. ILOMO Trojans (some examples are TROJ_ILOMOB., TROJ_ILOMO.F, and TROJ_ILOMO.L) arrive on systems via Web-based exploits and use different infection routines for the payload. Notable with these variants is that even when users have deleted the malicious file from the hard disk, its [...]