Trojans hide themselves under SPAM porn

Security experts claim that the main goal of this attack by cyber criminals is to trick recipients into downloading malicious software to help them control the system or steal personal information. their secret.

Cyber criminals have just launched a fake new email phishing attack that accuses recipients of linking to a child pornography site.

Security experts claim that the main goal of this attack by cyber criminals is to trick recipients into downloading malicious software to help them control the system or steal personal information. their secret.

The emails above all have the same title 'CP investigation was started' (the investigation of child pornography began) and the content of the email address of the recipient has been found to exist in the body. database of a website specializing in child pornography. This website has been discovered by the Association of Child Protection (ASACP) in an investigation.

The excerpt of the email is as follows:

"I'd like to inform you that investigating activity of a child porno sites; we tìm thấy dữ liệu của cơ sở dữ liệu, trong đó là bạn e-mail. In view of this, I have two versions: either you have the versions: của việc này, hoặc đã gỡ bỏ bạn e-mail này. I sincerely hope that it đã có Residence nào và có sự xác thực trong sự phiên bản này không có. đã gỡ bỏ] I sẽ được biên dịch trong bạn không đang được kết thúc trong này này

' I would like to inform you that in the investigation of child pornography sites, I discovered many email addresses, including your email address . In case This, I think you may be the customer of the above porn site or your email address just happened to appear in that site's database. I really hope that this is just a case of love and you probably want this to be just a coincidence. If you are willing to donate to our website a bit. This will also be a proof that I am not related to that porn site . '

In fact, along with the email mentioned above is a trojan called Agent-CPK. Information from security firm Sophos said this is a trojan capable of changing browser settings such as browser abduction, home page changes .

The Agent-CPK trojan usually hides in a file named ' asset576.zip '. Extracting this file the user will receive a file named ' asset.txt .exe '. If clicking on the trojan file will be activated and infect the system.

'The danger here is that users who receive the email often worry that their address has been detected on a pornographic site. They will open email and be infected with trojans , 'Graham Cluley - Sophos senior technology consultant - warned.

ASACP posted warning information about the above campaign on the association's official website.

Hoang Dung