Incidents spamming Trojans

Net-integrations, a site dedicated to malware removal and especially known for its forum has fallen victim to malicious hackers.
Attackers seem to have made use of a vulnerability in the forum software used by Net-integrations to gain access to the server, although this has not yet been confirmed.
The most notable effect so far has been that the server has sent out many emails containing a link to a trojan.

It’s is not the first time an anti-malware site gets compromised via the accompanied forum.
Although phpBB is often the target, this time Invision Power Board fell victim.

A spammed mail looks like this:
(Email adress slightly altered)

From: “Net-Integration Forums”
To: webmaster@net-]integration[.net
Subject: Protect Your PC !!! ( From Net-Integration Forums )

Protect Your PC !!!

Please download antivirus protection

The file, which next to a Kaspersky related filename also has a Kaspersky AV-like icon, is detected by Kaspersky Anti-Virus as Trojan-Spy.Win32.LdPinch.gen.
LdPinch is a very popular password stealing Trojan family, a generic description of it can be found here.

Several copies of this email have been sent out by the hacker to the members of the forum.

This incident once again shows that your operating system as well as all software needs to be kept uptodate and patched.
I do wonder if the attacker fellt s/he would have much success spamming a security conscious crowd. spamming Trojans

Your email address will not be published. Required fields are marked *



APT trends report Q1 2024

The report features the most significant developments relating to APT groups in Q1 2024, including the new malware campaigns DuneQuixote and Durian, and hacktivist activity.

Subscribe to our weekly e-mails

The hottest research right in your inbox