Wednesday, August 29, 2007

"Anti-fraud dipping birds" Unit

At UNAM-CERT, we think that any help is good help. After the pharming attack we faced yesterday, we called the special forces unit.



With one hundred of these workers we could take the anti-fraud fight to a new level.

For information about "drinking birds": wikipedia.

Tuesday, August 28, 2007

Pharming attacks are on the rise, this time: UNAM-CERT

Early this morning we started receiving phone calls from people asking us about an e-mail they had received last night. The e-mail included links to UNAM-CERT, a supposed "guide" to securing the PC, and UNAM-CERT's phone number.

A user sent me a copy of the e-mail that supposedly came from UNAM-CERT. It asked the recipients to download a supposed "guide" to secure their PCs (Manual.exe).


The MD5 checksum of the malware is: fcfc77d1786572812aac1319e5ad5fde
This malware modifies the hosts file in Windows, redirecting www.banamex.com to an IP address under the control of the phisher.

What is really interesting in this attack is that the phishers are using well-known organizations as a vector for infection, even when the final target is another website, like Banamex in this case.
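A hosts-file redirect like the one described above can be spotted by listing every entry that overrides a watched banking domain. The script below is an added example, not UNAM-CERT's code or part of the original post; the sample hosts content, the 203.0.113.10 address and the example-sub name are constructed for illustration.

```python
import ipaddress

# Domains to watch; banamex.com is the target named in the post.
WATCHED = ("banamex.com",)

# Constructed sample hosts file; 203.0.113.0/24 and 192.0.2.0/24 are documentation ranges.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
203.0.113.10    www.banamex.com   # constructed redirect entry
203.0.113.10\tBANAMEX.COM. example-sub.banamex.com
192.0.2.7       notbanamex.com
not-an-ip       www.banamex.com
"""

def parse_hosts(text):
    """Yield (line_number, ip, [hostnames]) for each valid mapping line."""
    for number, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on any whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not a valid IP address, skip the line
        # Normalize case and a trailing dot so "BANAMEX.COM." still matches.
        yield number, str(ip), [h.lower().rstrip(".") for h in fields[1:]]

def is_watched(hostname, watched=WATCHED):
    """True for a watched domain itself or any of its subdomains."""
    return any(hostname == d or hostname.endswith("." + d) for d in watched)

def find_overrides(text, watched=WATCHED):
    """Return (line_number, hostname, ip) for every watched name in the file."""
    return [(n, h, ip)
            for n, ip, hosts in parse_hosts(text)
            for h in hosts if is_watched(h, watched)]

if __name__ == "__main__":
    # On a live Windows host, read %SystemRoot%\System32\drivers\etc\hosts instead.
    for n, host, ip in find_overrides(SAMPLE_HOSTS):
        print(f"line {n}: {host} -> {ip}")
```

Any hit deserves a look, since a bank's hostname normally has no reason to appear in the hosts file at all.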

For recommendations and related information, go to the UNAM-CERT official site.
For an in-depth analysis, check UNAM-CERT's malware blog.