copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Training
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login

  Home » Publications » AusCERT Web Log » Delivering Bad Packages
 

Delivering Bad Packages
Date: 25 July 2008

Click here for printable version

Greetings,

We saw another trojan mail run this week (amongst all the Storm messages and such). You may have seen a few of them claiming to be from the UPS delivery service with a form to collect your 'undelivered package'. A form that had a .exe extension. And was packed in a zip file....

Despite the fact that a zipped executable should be considered a little suspicious in an unexpected email from a company you have had no prior dealings with by now, we received a surprising number of reports of people going out of their way to open the 'form' anyway.

Along with an increasing torrent of malicious spam, DNS continues to be an issue. Details of the problem with almost all existing DNS servers have been released, so its probably a good idea to check that your DNS is AOK.

One thing to note is that if you (or someone else) have used the unmodified Metasploit DNS module to test your DNS, you might want to check for any records with the IP 1.3.3.7 in your cache and remove them.

Regards,
MDB


Comments? Click here http://www.auscert.org.au/render.html?cid=7066&it=9634