Thu, Apr 16 2009 7:05
Fake SMS Reader Spam in Russian Language
Websense Security Labs™ ThreatSeeker™ Network has
discovered a new Russian language spam campaign spreading widely by
email, that lures users into downloading a fake SMS reader application.
We have received hundreds of these malicious emails through our
HoneyPot system. The email messages are written in Russian and claim to
introduce the latest version of their SMS Reader V4.0, which can
download SMS messages to any mobile phone anonymously and
automatically. At the end of the email they provide the link to
download a free trial version which, when clicked, downloads a trojan
file with MD5 104032f2a5789a2468fb47005ae256ee. See AV detection report
here. Each spam email contains a URL link to a seemingly randomly-named executable hosted on Russian hosting servers.
Filed under: Alerts