We all know the email is one of the most popular methods to distribute malicious files on the web but in the recent period, the spam campaigns have become really dangerous. Today, a new dangerous spam attack was confirmed by Websense Security Labs but the interesting fact is that it involves the name of Samsung, one of the top mobile companies in the
According to the reports, unsolicited emails apparently signed by Samsung try to get the users on dangerous websites containing a Trojan horse which aims to harm the computers. It seems like the infected file opens the Samsung Mexico website and a pornographic page, only a few antiviruses being able to detect and disinfect/remove the Trojan horse.
The email is entirely written in Spanish, the Trojan being identified under the 'SAMSUNG.EXE' executable file. Websense Security Labs sustain the Spanish message asks users to join the Samsung Fan Club using the attached malicious link.
"Upon running the file it modifies several Windows components, including the hosts file, and opens Internet Explorer to both the real Samsung Mexico website and an adult entertainment website. Also, at the time of testing the file has *very* low detection rates from anti-virus signatures," Websense mentioned in the advisory.
At this time, there is no solution to avoid the infection with the Trojan horse but I recommend you to avoid opening email messages coming from unknown or untrusted sources as well as refuse clicking on the links included in the emails. In addition, you should update the antivirus solution's virus definitions to the latest version in order to be sure there is no infected process running on your computer. However, it's better to remain pretty focused on the email delivered into your inbox because Websense mentioned in the advisory that only a few antivirus products are able to detect the Trojan horse.