DarkFiber Consulting – IT Managed Services

United States Presidential Election Email Attack

November 6th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of email attacks circulating that are related to the recent U.S. presidential election. The email messages appear to be coming from a seemingly legitimate source and contain a message indicating that additional news coverage of the election is available by following a link. The link directs users to a website that appears to contain a video of the president elect. The website will instruct the user to update to a new version of Adobe Flash Player in order to view the video. This update is not a legitimate Adobe Flash Player update; it is malicious code. If the user downloads this executable file, malicious code may be installed on the system.

DarkFiber Consulting encourages users to take the following preventative measures to mitigate the security risks:

  • Install antivirus software, and keep the virus signatures up to date.
  • Do not follow unsolicited links.
  • Use caution when visiting untrusted websites.
  • Use caution when downloading and installing applications.
  • Obtain software applications and updates directly from the vendor’s website.
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
  • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

New Storm Worm Activity Spreading

July 29th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a new Storm Worm Campaign. The latest campaign is centered around messages related to the Federal Bureau of Investigation and Facebook. This Trojan horse virus is spread via an unsolicited email message that contains a link to a malicious website. This website contains a link, that when clicked, may run the executable file “fbi_facebook.exe” to infect the user’s system with malicious code.

Reports, including a posting by Sophos, indicate the following email subject lines are being used. Please note that subject lines can change at any time.

  • F.B.I. may strike Facebook
  • F.B.I. watching us
  • The FBI’s plan to “profile” Facebook
  • The FBI has a new way of tracking Facebook
  • F.B.I. are spying on your Facebook profiles
  • F.B.I. busts alleged Facebook
  • Get Facebook’s F.B.I. Files
  • Facebook’s F.B.I. ties
  • F.B.I. watching you

DarkFiber Consulting encourages users and administrators to take the following preventative measures to help mitigate the security risks: