No Such Thing As Free Lunch, And Free Supper Will Cost You
People say there is no such thing as a free lunch, and as we’ve recently found out, there’s no such thing as free supper either.
We’ve recently come across a spam run that uses a nonexistent promotion from popular fastfood chain McDonald’s to convince users to execute a malicious file.
The spammed email messages are fashioned as invitations for recipients to “The Free Supper Day” which will supposedly take place on June 29th.
 |
 |
The message tells the user to print the file inside an attached ZIP file, which is the invitation that they must show the cash desk in order to avail of the free food.
But of course, opening the said file will only lead to the installation of the malicious file TROJ_INJECTOR.VI into the user’s system. TROJ_INJECTOR.VI connects to a server and reports the successful system infection. In return, the server sends other malicious files into the affected system.
The malicious files downloaded into the system are now detected as TROJ_CTGOG.VI and TSPY_KARAGNY.VI.
Based on our analysis, it seems that TSPY_KARAGNY.VI is the nastier of the two files, as its routines include the theft of a wide range of information about the affected system and its user. It steals credentials for different applications, such as the following:
- FTP applications
- Instant messaging applications
- Email clients
- Poker game applications
- Web browsers
It also steals information related to different protocols, such as HTTPMail, IMAP, NNTP, POP3 and SMTP.
Users are strongly advised to ignore such emails if they receive them. Considering the significance and amount of information this attack aims to steal, to get victimized for a promised free meal is simply not worth it.
To protect users from this threat, the Trend Micro™ Smart Protection Network™ blocks the email message, detects the attached malicious file, and prevents access to the URLs to which it connects to.
Post from: TrendLabs | Malware Blog – by Trend Micro
Spotlight
Cloud Computing
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- DHS needs better sharing plan, experts say
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- SEC may ask for more information after cyberattacks
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet