F-Secure found Fake Christmas card and New Year greeting malwares

India, December 19, 2007 － Greeting card spam serving as a cover for malicious downloads has been hitting inboxes recently in the form of fake Christmas cards.

Internet security service provider F-Secure has found numbers of Christmas card malware in circulation around the globe. The links, embedded in an email, are masked and point to a fake Yahoo greeting card website, run in conjunction with American Greetings.

The site prompts the user to click the URLs in the message, a fake website appears with a request to download the latest Adobe Flash Player, which in fact is a malicious software called “macromedia-flashplayerupdate.exe”

F-Secure detect this file as an Agent variant. It collects various types of information from the infected machine and sends it back to the malware author via a website.

Now the fake Christmas greeting card is joined by Happy New Year… .exe which is another spam to worry about this season.

F-Secure found that some clown is spamming around an attachment called Happynewyear.exe (md5: 978f25a5ef399b7090454ae2ca4fc364).

This is how the spam works. When run, this malware drops a nice Christmas tree to your desktop and Systray.

The malware itself (detected as Trojan-PSW:W32/Delf.BBE by our antivirus) steals passwords and other assorted information and sends them to lbss.3322.org. Stay away, don’t click, et cetera.

“The popularity of e-cards provides a fertile ground for malware authors,” said Patrik Runald, Senior Security Specialist, F-Secure Security Labs APAC. “Spammers have a long tradition of trying to lure people from emotional responses like e-cards. We suggest users to pay attention to suspicious email and keep update your anti-virus software or use manual removal tool to delete any .exe file.”

For more information, please go to F-Secure weblog: http://www.f-secure.com/weblog or contact below representative for enquiries:

Editor’s note

F-Secure Corporation protects consumers and businesses against computer viruses and other threats from the Internet and mobile networks. F-Secure’s award-winning solutions are available as a service subscription through more than 150 Internet service provider and mobile operator partners around the world, making F-Secure the global leader in this market. The solutions are also available as licensed products through thousands of resellers globally.

F-Secure has received the Frost & Sullivan 2007 award for Distribution Strategy Leadership. The company aspires to be the most reliable security provider, helping make computer and smartphone user’s networked lives safe and easy. This is substantiated by the company’s independently proven ability to respond faster to new threats than its main competitors.

Founded in 1988, and headquartered in Finland, F-Secure has been listed on the Helsinki Exchanges since 1999. The company has consistently been one of the fastest growing publicly listed companies in the industry. The latest news on real-time virus threat scenarios is available at the F-Secure Data Security Lab weblog at http://www.f-secure.com/weblog/

F-Secure Corporation

Hazel Hassan

Direct:+60322640366
Mobile:+60172724611
Email:hazlina.puspa.hassan {at} f-secure(.)com

CMCG India

Bidyananda

Tel- 01126236470

Mobile- 9811143686

Email : Bidyananda.h {at} cmcgindia(.)com