[unisog] This seems a spyware. Is this?

yamanoue at cc.kagoshima-u.ac.jp yamanoue at cc.kagoshima-u.ac.jp
Fri Apr 13 23:46:27 GMT 2007


Dear All
  I'm very glad to have so many replies.
  Thank you very much.
  I uploaded the attachment to the virustotal.com.
  The file was Trojan.Peacomm!zip.
  I've sent a warning to my universities users.

  Takashi

-----Original Message-----
From: unisog-bounces at lists.dshield.org
[mailto:unisog-bounces at lists.dshield.org] On Behalf Of takashi yamanoue
Sent: Friday, April 13, 2007 8:48 AM
To: 'UNIversity Security Operations Group'
Subject: [unisog] This seems a spyware. Is this?

Hi.
  I'm takashi from Japan.
  I've received the following mail today.
  It seems a malicious mail with a spyware.
  Does anyone know something about this mail?
  The mail has an attached file, bugfix-48566.zip (38 KB),
  and the following text was an image.

  Regards,

Takashi Yamanoue, Dr.
Computing and Communications Center, Kagoshima University
yamanoue at cc,kagoshima-u.ac.jp
http://yama-linux.cc.kagoshima-u.ac.jp/~yamanoue
+81-99-285-7187
-------------------------
Dear Customer,

Our robot has detected an abnormal activity from your IP Address on sending
e-mails. Probably it is connected with the Last epidemic of a worm which
does not have offical patches At the moment.
We recommend you to install this patch to remove worm files And stop email
sending, otherwise your account will be Blocked.
We had archived the patch becouse the worm can modify Anpacked exe files.
You should open the archive file, enter The password and run the patch
immediately.

Password: van43

Customer Support Center Robot.


_______________________________________________
unisog mailing list
unisog at lists.dshield.org
https://lists.sans.org/mailman/listinfo/unisog



More information about the unisog mailing list