Franklin Veaux (tacit) wrote,
Franklin Veaux

  • Mood:

Evolution of the W32/Kuluoz malware scam

Well, boys and girls, it looks like the malware distribution I talked about here and here has morphed again. This morning, I started receiving emails that pretend to be DHL delivery notifications, rather than American Airlines ticket sales or FedEx notifications:

As before, the links take you to hacked WordPress or Joomla sites that will examine your browser user-agent. If you're on a Mac or Linux computer, or you're using a modern Windows browser, you'll see a phony 404 Not Found error that looks like this:

If you're using a Windows browser that has vulnerabilities, the link will download a copy of the W32/Kuluoz information and bank password stealing malware.

Stay safe out there.
Tags: computer security, computer viruses
  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 1 comment