Australians Warned About Malicious Taxation Office and Itinerary Emails

Cybercriminals are spreading malware in an attempt to build a botnet

By Eduard Kovacs on January 23rd, 2013 14:49 GMT

Security solutions provider Symantec is warning Australian users about a cybercriminal campaign which seeks to install a piece of malware on as many computers as possible.

It’s uncertain what the attackers are trying to accomplish and they don’t seem to have a specific target.

The malicious emails appear to originate from various Australian organizations, such as the Australian Taxation Office.

The messages purporting to come from the Taxation Office are entitled “Tax Agent Report – Delayed Tax Returns,” and they urge recipients to view their weekly reports contained in the attached file.

In another instance, the malware is hidden in files attached to itineraries entitled “Check-in Details.”

Once executed, the malware that’s attached to these emails connects to command and control servers hosted on Russian and Polish domains. Then, it downloads and executes additional malicious files.
Bogus itinerary email (click to see full)
   Bogus itinerary email (click to see full)
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments