Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Websense Security Labs - Trojan - Skype

October 2007 by Websense

Websense® Security Labs™ has discovered a new Trojan Horse / DNS redirector being distributed via email with URL lures. The email message is written in Spanish and presented in HTML. It attempts to lure users click on a link in order to download the business version of Skype.

If users click on the URL, they are directed to a site hosted on the Spanish version of Lycos. The site was up at the time of the alert. The site contains no exploit code, but has a Trojan Horse with the filename "skype.exe" with an MD5 of <80c954716eb2525b634a515ec785f03b>.

When the file runs, it modifies the Windows host file, and opens Internet Explorer to the Spanish version of the Skype Business Version download page. The modification the malware makes to the host file redirects visitors from www.banamex.com to a phishing website. At the time of testing, the file was not detected by anti-virus software.




See previous articles

    

See next articles