Chinese Internet Security Response Team (GMT +0800)

Zhelatin.pd, stripshow.exe

[Post on : December 24, 2007 18:05 | Category : Worm | by : smallmo] Reship : Original

We must tell everyone that the Zhelatin/Storm Worm gang has become active now.

After we received Zhelatin.pe several hours ago, we received another variant, Zhelatin.pd. It also masquerades with a Christmas theme.

The spam messages look like the following:


Subject: (one of the following)
Find Some Christmas Tail
Looking for something hot this Christmas
Merry Christmas To All
Seasons Greetings
The Twelve Girls Of Christmas

Body:




When users click this link (merrychristmasdude.com), it shows the following page:


"stripshow.exe" will be downloaded from this page:


The size is about 132 KB; Kaspersky detects it as Email-Worm.Win32.Zhelatin.pd.

We suggest that administrators block this domain (merrychristmasdude.com) at once, because the IP address of the site changes every second.



Last modified by smallmo on December 25, 2007 10:20
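
The advice above to block by name rather than by address, as an added example that is not part of the original post: a mail check that flags any message linking to the domain or one of its subdomains, whatever it currently resolves to, and marks the listed subjects for review. The function names and the sample messages are constructed for illustration.

```python
import email
import re
from email import policy

# Indicators taken from the post above.
BLOCKED_DOMAIN = "merrychristmasdude.com"
SUBJECTS = {
    "find some christmas tail",
    "looking for something hot this christmas",
    "merry christmas to all",
    "seasons greetings",
    "the twelve girls of christmas",
}
# Host part of any http(s) URL in the body.
URL_HOST = re.compile(r"https?://([a-z0-9.-]+)", re.IGNORECASE)


def host_is_blocked(host, domain=BLOCKED_DOMAIN):
    """True for the domain itself or any subdomain, never for look-alikes."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def classify(raw_message):
    """Return 'block', 'review' or 'pass' for one RFC 5322 message string."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    part = msg.get_body(preferencelist=("plain", "html"))
    text = part.get_content() if part else ""
    if any(host_is_blocked(h) for h in URL_HOST.findall(text)):
        return "block"      # link to the domain: independent of its current IP
    subject = " ".join(str(msg["Subject"] or "").lower().split())
    if subject in SUBJECTS:
        return "review"     # subject alone is weak ("Seasons Greetings" is common)
    return "pass"


# Constructed sample messages (not real captured spam).
SAMPLES = [
    "Subject: Merry Christmas To All\n\nhttp://merrychristmasdude.com/\n",
    "Subject: hi\n\nsee http://WWW.MerryChristmasDude.com./ now\n",
    "Subject: Seasons Greetings\n\nHappy holidays from the team.\n",
    "Subject: lunch\n\nhttp://notmerrychristmasdude.com/menu\n",
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(classify(raw), "<-", raw.splitlines()[0])
```
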

sandra Says :
December 26, 2007 03:53
Why don't the police shut down this illegal site merrychristmasdude.com?