Swatkat's rants

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Wednesday, 7 January 2009

Fake eCard updates

Posted on 11:50 by Unknown
Fake eCard spam mails continue to circulate even after the new-year excitement is settled down. As usual, these mails contain links to downloadable fake greeting cards that are generally named "card.exe" or "postcard.exe".


When executed, these malicious executables turn your PC into a zombie machine that becomes a part of Storm/Waledac botnet (more information can be found here and here).


Newer variants of fake eCard executables (hosted at http://topgreetingsite.com - do NOT visit that site! ) are not detected by many AVs as of now (as seen in VirusTotal scan here). An automated analysis of this file is available at ThreatExpert here.
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Ax Video Plugin
    Ax Video Plugin is one of the latest fake codec/plugin in the block. The site http://axvideodownload.com/ uses the same old fake "Vide...
  • Javacool EULAlyzer!
    Have you ever read those ultra-long EULA (End User License Agreement) pages while you are installing any software? I think no one will read ...
  • Zlob brings back fake MP3s!
    Last August, I had blogged about Zlob gang using fake MP3 download sites to push their malware (link here ). Afterwards, we started to see m...
  • twitcurl - C++ twitter API library
    twitcurl is an open-source pure C++ library for twitter REST APIs. Currently, it has support for most of the twitter APIs and it will be upd...
  • ThinkPoint rogue antivirus
    ThinkPoint is a new addition to the long list of rogue antivirus programs. ThinkPoint uses fake codec download tricks for its distribution. ...
  • Rootkit detection, removal and prevention!
    Here's a Wiki definition for Rootkit: A Rootkit is a set of software tools frequently used by a third party (usually an intruder) after...
  • Antivirus 360 featured in top PC magazines and antivirus certification labs!
    No, we are not talking about Norton 360 , which is a genuine security software. This is about Antivirus 360 , one of the latest rogue securi...
  • yelpcurl - C++ Yelp API library
    yelpcurl is an open-source, pure C++ wrapper for Yelp's RESTful APIs . The library currently supports all the APIs provided by Yelp. yel...
  • Windows Filtering Platform (WFP) user mode examples
    So far, in Windows 2000/XP/2003 operating systems the packet filtering APIs ( PfXxx APIs) were used to implement TCP/IP packet filtering a...

Categories

  • a.exe
  • Autohotkey
  • C++
  • fake mp3 downloads
  • gop.exe
  • NewMediaCodec
  • OAuth
  • Orkut hating virus
  • Privacy Protector
  • rootkit
  • SysProt AntiRootkit
  • TDSServ rootkit removal
  • twitCurl
  • twitter
  • Udefender
  • Ultimate Cleaner
  • vdo_
  • Zlob
  • Zlob rootkit

Blog Archive

  • ►  2013 (1)
    • ►  June (1)
  • ►  2010 (6)
    • ►  October (2)
    • ►  September (2)
    • ►  July (1)
    • ►  April (1)
  • ▼  2009 (12)
    • ►  September (1)
    • ►  May (1)
    • ►  April (1)
    • ►  March (4)
    • ▼  January (5)
      • New rogue: IE-Security
      • AntiSpyware 2009 and AntiSpywareBOT: Neighbours in...
      • Fake Obama websites spreading malware
      • Fake eCard updates
      • SysProt AntiRootkit v1.0.0.8 released
  • ►  2008 (44)
    • ►  December (6)
    • ►  November (6)
    • ►  October (4)
    • ►  September (15)
    • ►  August (2)
    • ►  June (2)
    • ►  May (1)
    • ►  April (1)
    • ►  March (6)
    • ►  January (1)
  • ►  2007 (38)
    • ►  December (1)
    • ►  November (2)
    • ►  October (9)
    • ►  September (2)
    • ►  August (8)
    • ►  July (11)
    • ►  June (3)
    • ►  March (2)
  • ►  2006 (6)
    • ►  September (1)
    • ►  August (2)
    • ►  May (1)
    • ►  February (2)
  • ►  2005 (30)
    • ►  December (2)
    • ►  November (2)
    • ►  October (4)
    • ►  September (5)
    • ►  August (11)
    • ►  July (6)
Powered by Blogger.

About Me

Unknown
View my complete profile