Jump to content


Photo

fake Canada Post failed delivery notice


  • This topic is locked This topic is locked
1 reply to this topic

#1 pd4567

pd4567

    New Member

  • Members
  • Pip
  • 3 posts

Posted 05 July 2011 - 03:09 PM

Fake failure to deliver notice from Canada Post, while the site it really directs you to is "~remoced~.com/receipt.pif" If you click on this url it will download a replicating key logger, very difficult to remove. They use a variation on the log site on different messages but the "receipt.pif" is always the same. I did not try to download the keylogger and send as an attachment as a sample and keep it from infecting my computer.

#2 Fatdcuk

Fatdcuk

    Malware BBQ'er

  • Moderators
  • PipPipPipPipPipPip
  • 20,543 posts
  • Gender:Male
  • Location:127.0.0.1

Posted 05 July 2011 - 03:17 PM

Many thanks pd4567,

This is the beasty from that URL :)
http://www.sophos.co...d-analysis.aspx

Attached Files


Ade Gill
Research Engineer

Posted Image

Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users