Cyberoam, a division of Elitecore and developer of identity-based Unified Threat Management software, today announc...
November 21, 2007
Cyberoam, a division of Elitecore and developer of identity-based Unified Threat Management software, today announced that a new e-mail-borne malware threat has emerged where messages claim to be from a private detective hired to monitor the e-mail recipient.
According to Cyberoam partner Commtouch, the outbreak was first identified on Saturday, and sample subject lines include, “I’m monitoring you”; “You’re being watched”; “Your phone is monitored”; and, “The tape of your conversation.”
The malware distributors have attached a “recording” of the recipient’s phone call in an effort to convince the recipient of their surveillance capabilities, which is actually an executable .scr malware file.
The attachment names are numerical variations on “call1105-10.rar.” and are password-protected, compressed files. The malware inside the attachment is activated when the recipient opens the file with the password provided in the body of the e-mail.
“These techniques indicate the malware author’s ability to successfully launch new variants of malware on the Internet, which is why signature-less protection against these types of attacks is critical,” said Joshua Block, vice president of Cyberoam’s North American operations. “Traditional signature-based protection methods are unable to provide zero-hour protection.”