Wednesday, December 03, 2008

Is nothing sacred?

Those of you who are intent on saving a few bob by sending ecards rather than the real thing beware. It might cost you more than the price of a stamp.

Websense Labs claims to have detected the first piece of seasonal malware.

The campaign masquerades as an electronic Christmas greetings card from postcards.org. The email shows an animated Christmas scene, but links through to a file called postcard.exe that leads to a Trojan backdoor that's been used in previous malicious spam campaigns.

If executed, the file could grant hackers access to resources on the infected machine, via an IRC session.

Victims are shown a picture of a Christmas tree during the installation process in an almost laughable attempt to distract their attention.

The malware writers clearly have their fingers on the economic pulse, with e-card sites aggressively promoting their services as a cheaper and more environmentally friendly alternative to traditional Christmas cards this year.

Any ecards that you get from me will have come from the excellent Jacquie Lawson collection. I can guarantee that you will not risk any virus, trojan horse or any other malware infection by opening one of my cards.

No comments: