DarkFiber Consulting – IT Managed Services

H1N1 Malware Campaign Circulating

December 10th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a malware campaign circulating. This campaign is circulating via email messages offering information regarding the H1N1 vaccination. This email messages contain a link to a bogus Centers for Disease Control and Prevention website. Users who click on this link may become infected with malware. Public reports indicate that these email messages are noted as having subject lines such as: “Governmental registration program on the H1N1 vaccination” and “Your personal vaccination profile.” Please note that subject lines may change at any time.

DarkFiber Consulting encourages users to take the following precautions to help mitigate the risks:

  • Install antivirus software, and keep the signature files up to date.
  • Do not follow unsolicited links and do not open unsolicited email messages.
  • Use caution when visiting untrusted websites.
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
  • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on avoiding social engineering attacks.

New Storm Worm Activity Spreading

July 29th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a new Storm Worm Campaign. The latest campaign is centered around messages related to the Federal Bureau of Investigation and Facebook. This Trojan horse virus is spread via an unsolicited email message that contains a link to a malicious website. This website contains a link, that when clicked, may run the executable file “fbi_facebook.exe” to infect the user’s system with malicious code.

Reports, including a posting by Sophos, indicate the following email subject lines are being used. Please note that subject lines can change at any time.

  • F.B.I. may strike Facebook
  • F.B.I. watching us
  • The FBI’s plan to “profile” Facebook
  • The FBI has a new way of tracking Facebook
  • F.B.I. are spying on your Facebook profiles
  • F.B.I. busts alleged Facebook
  • Get Facebook’s F.B.I. Files
  • Facebook’s F.B.I. ties
  • F.B.I. watching you

DarkFiber Consulting encourages users and administrators to take the following preventative measures to help mitigate the security risks:

New Storm Worm Variant Spreading

July 14th, 2008 . by DarkFiber Consulting

DarkFiber Consulting has received reports of new Storm Worm activity. The latest activity uses messages that refer to the conflict in the Middle East. This Trojan is spread via unsolicited email messages that contain a link to a malicious website. The website is noted as having the following malicious characteristics which may be used to infect the user’s system with malicious code.

  • A video that, when opened, may run the executable file “iran_occupation.exe.”
  • A banner add that, when clicked, may run the executable file “form.exe.”
  • A hidden iframe linked to “ind.php.”

Reports, including a posting by Sophos, indicate that the following subject lines are being used. Please note that subject lines can change at any time.

  • 20000 US soldiers in Iran
  • Iran USA conflict developed into war
  • More than 10000 Iranians were murdered
  • Negotiations between USA and Iran ended in War
  • Occupation of Iran
  • Plans for Iran attack began
  • The Iran’s Leader Mahmoud Ahmadinejad declared Jihad to USA
  • The World War III has already begun
  • The begining of The World War III
  • The military operation in Iran has begun
  • The secret war against Iran
  • Third War in Iran
  • Third World War has begun
  • US Army crossed Iran’s borders
  • US Army invaded Iran
  • US army is about 20 kilometers from Tegeran
  • US soldiers occupied Iran
  • USA attacked Iran
  • USA declares war on Iran
  • USA occupeid Iran
  • USA unleashed war on Iran
  • War between USA&Iran
  • War with Iran is the reality now
  • Washington prefers to shoot first

DarkFiber Consulting encourages users and administrators to take the following preventative measures to help mitigate the security risks: