This morning we saw several spam runs in the country of Denmark. The messages are in Danish and they are sent to Danish e-mail addresses.
The e-mail claims to be from us. It's not.
Here's what the email looks like:
From: supportupdate@f-secure.com
Date: 26. August 2008 08:31
Subject: Data er tillagt og sendt med denne meddelelse.
Käre kunder!
Regning
Data er tillagt og sendt med denne meddelelse.
Jeg bruger gratis F-secure antispamversion, som allerede har fjernet 338 spambreve.
Antispam er helt gratis for private brugere.
Attachment: f-secure.rar
The attachment contains a file called
update26.08.2008.exe, which, when run, drops a file called
dcbcg.exe (Unker-related trojan) that connects to a server in Ukraine.
We detect this trojan as
Trojan:W32/Agent.FVO. More information in the
virus description.
The spam run must have been fairly large, as we've received more than 13,000 bounces to
supportupdate@f-secure.com from non-existant email addresses alone.
Watch out and pass the word. On 26/08/08 At 09:44 AM
More...
Linear Mode
