Analyzed by: Neil Yves Pondo

The use of bogus invoices remains an effective social engineering tactic, as its continued use shows. Recently, we spotted a spammed message written in German that purports to be a notification. It informs users that their invoice is contained in the attached .ZIP file. When users open the attachment, it executes malware detected as TSPY_BEBLOH.MJM. This spyware steals information such as the IP address, OS version, hardware ID, and SOCKS port, among others. It also monitors websites related to financial institutions and steals FTP credentials on the infected system.

Trend Micro protects users from this threat via its Smart Protection Network that detects the spam and malicious file.

 Spam Blocking Date/Time: 07 February 2013 GMT-8
 TMASE
  • Versão do mecan
  • TMASE Pattern: 9620

Related file