Tag: transaction | My Online Security

java jacksbot delivered by spoofed western union malspam FINAL WARNING FOR SENDING LIMIT BREACH

Posted on 18 November 2016 7:44 am by Myonlinesecurity18 November 2016 7:44 am

The next in the never ending series of malware deliveries is an email with the subject of FINAL WARNING FOR SENDING LIMIT BREACH pretending to come from Western Union – Agent Support Team <emeagentsupports.westernunion@gmail.com> delivers java Adwind / Java Jacksbot . They are using a totally different delivery method today, with the download link buried in the email that delivers a.exe file that in turn is renamed to a legitimate windows process winlogin.exe that extracts the embedded java,jar file to run the jacksbot Trojan. We continue to be plagued daily by these fake financial themed emails containing java adwind or Java Jacksbot … Continue reading →

java jacksbot delivered by spoofed MoneyGram International malspam

Posted on 16 November 2016 7:29 am by Myonlinesecurity16 November 2016 7:29 am

We continue to be plagued daily by fake financial themed emails containing java adwind or Java Jacksbot attachments. I have previously mentioned many of these HERE. We have been seeing these sort of emails almost every day and there was nothing much to update. Today’s has a slightly different subject and email content to previous ones. This appears to be a newish Java jacksbot version in this email, see below for details. From what I can see until recently many antivirus companies detected these as Java Adwind. Now they are calling them Java Jacksbot. From what I can see there is almost no … Continue reading →

Email malspam Transactions delivers Locky

Posted on 2 November 2016 10:53 am by Myonlinesecurity2 November 2016 10:53 am

The next in the never ending series of Locky downloaders is an email with the subject of Transactionscoming as usual from random companies, names and email addresses with a semi-random named zip attachment starting with last_transactions_ containing a VBS file that pretends to be a PDF if you do not have Show file extension enabled They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. This … Continue reading →

Transactions details malspam delivers Locky

Posted on 23 September 2016 6:54 am by Myonlinesecurity23 September 2016 6:54 am

The next in the never ending series of Locky downloaders is an email with the subject of Transactions details coming as usual from random companies, names and email addresses with a random named zip attachment containing a .JS file named Transactions details scan {random characters}.js They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. One of the emails looks like: From: Lora Mooney <Mooney.771@gallerystock.com> Date: Fri 23/09/2016 … Continue reading →

Attached is the bank transactions made from the company during last month malspam delivers Locky

Posted on 31 August 2016 8:50 am by Myonlinesecurity31 August 2016 8:50 am

The plague of Locky continues with an email with the subject of bank transactions coming from random senders, companies and email addresses with a random named zip attachment containing a JS file They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. One of the emails looks like: From: Marlene Carrillo <Carrillo.170@veloxzone.com.br> Date: Wed 31/08/2016 07:35 Subject: bank transactions Attachment: b231f370cf0.zip Body content: Good morning gold. Attached is … Continue reading →

Java Adwind Trojans via fake transaction malspam emails

Posted on 20 July 2016 6:09 am by Myonlinesecurity20 July 2016 6:09 am 2

Overnight we received 2 separate sets of malspam emails both eventually leading to the same Java Adwind Trojan They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. Neither of the companies listed appear to have been hacked or had their email or other servers compromised. They are not sending the emails to you. They are just innocent victims in exactly the same way as every recipient … Continue reading →

malspam emails with Java adwind Trojans

Posted on 1 July 2016 7:01 am by Myonlinesecurity1 July 2016 7:01 am

We are seeing emails daily with a zip attachment containing java jar file which are variants of Java Adwind Trojan. These are very nasty backdoor Remote Access, password stealers. The immense danger of JAVA files being sent by email cannot be overstressed. JAVA is a cross browser/ cross OS language and JAVA works on any operating system, Windows, Apple MAC and Linux and even Android and Chromebook, if you have Sun Java installed. This is why JAVA is so dangerous, we have been warning for years not to have it installed unless you actually need it and use it. The vast majority … Continue reading →

My Online Security

Keep yourself safe online

Tag Archives: transaction