Security company Websense warns in its alert about spam that is disguised as an official email sent from Orkut, Google-owned social network.
A spoofed personal message, in Portuguese, is sent from a user allegedly on the Orkut network seeking love. The message contains several links that appear to lead to the official Orkut Web site. "Clicking on a link actually leads to a malicious executable file, which is a Trojan Downloader named "imagem.exe"", is told in the Websense alert. "The malicious file opens the legitimate Orkut network login page, and in the background downloads a password stealing Trojan named "msn.exe"."
Websense says that the trojans used in this attack are hosted on a compromised labor union web site from southern Brazil.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment