[sanesecurity] Re: Fake alert email

Thanks Steve & Tom,
I saw a few detections for this today, and this may have saved a few "less
intelligent" clients from infecting themselves. 

-----Original Message-----
From: sanesecurity-bounce@xxxxxxxxxxxxx
[mailto:sanesecurity-bounce@xxxxxxxxxxxxx] On Behalf Of Tom Shaw
Sent: Monday, October 19, 2009 8:38 AM
To: sanesecurity@xxxxxxxxxxxxx
Cc: sanesecurity_announce@xxxxxxxxxxxxx
Subject: [sanesecurity] Re: Fake alert email

At 4:22 PM +0100 10/19/09, Steve Basford wrote:
>Hi all,
>
>Looks like we just got a run of a fake ConXflicker.BXInfectionXAlert 
>(remove X's) this time with an install zip payload.
>
>A variant of: http://blogs.zdnet.com/security/?p=3105
>
>Just added Detection as:
>
>Sanesecurity.Malware.12892
>Sanesecurity.Malware.12893
>Sanesecurity.Malware.12894
>

Pushed out winnow sigs for same earlier today.

Tom



Other related posts: