The Tech Herald

Stratfor customers plagued by malicious emails

by Steve Ragan - Feb 14 2012, 08:00

No love for Stratfor customers this Valentine's Day. (IMG:J.Anderson)

People whose email addresses were leaked during the Stratfor breach are being targeted by malicious emails, Microsoft says. The messages themselves, ironically enough, are warnings that advise those impacted by the breach to avoid these exact types of scams.

The messages arrive with a PDF attachment, named simply “stratfor.pdf”. Once opened, the PDF displays a letter discouraging the reader from opening emails and attachments from “doubtful senders” and encourages them to “check all e-mails and attachments with antivirus.”

“We also warn you about the distribution of harmful software through our website! In order to protect your data we strongly recommend you to download [antivirus] and check your computer for Win32Azee virus,” the message exclaims.

The message is mostly harmless at this point, aside from the link to download the anti-virus software. The link itself points to either a server in Turkey or Poland, and serves a variant of the ZBot Trojan, which will siphon off personal information including passwords and financial details.

In the aftermath of the Stratfor breach, the company stated that they would never ask for personal information via email, nor would they ask a customer to open an attachment or download files. In fact, the message delivered with this scam warns of a false virus, and claims Stratfor was compromised in such a way that their website was delivering Malware. That never happened.

However, a list of 860,000 email addresses and passwords were taken by Anonymous during the breach, and this scam seems to be targeting the list directly. The Tech Herald spoke to three people who were on the compromised list, and each of them noticed similar emails. However, they did not retain copies of them for examination, as they did the correct thing and deleted them on sight.

It won’t be long before the list of 860,000 Stratfor customers is exhausted. When that happens, the scam will spread to other email addresses hoping to capitalize on the attention given to the Stratfor breach by the media.

The time tested advice to ignore random emails, as well as to avoid following links and opening attachments, still stands. Oddly, even the scammers involved in this scheme are promoting the same thing.

The ZBot variant is being flagged by all major security vendors, and Microsoft is flagging the PDF file itself on top of that.

Around the Web

Comment on this Story

comments powered by Disqus
Security
Index
News
 
Features
Reviews

From Autosaur.com

Daniel Day-Lewis and Yasmin Le Bon at Mille Miglia rally in Italy

Jaguar have released a cool little film about their experience at this year’s Mille Miglia car rally in Italy — featuring stars including triple Oscar-winner Daniel Day-Lewis and model Yasmin Le Bon. The video has short interviews with several of the famous participants about taking part in the 1,000-mile event, which celebrates the original Mille [...]

The post Daniel Day-Lewis and Yasmin Le Bon at Mille Miglia rally in Italy appeared first on Autosaur.

Man wins Batman version of Nissan Juke

A BATMAN fan has won a special version of the Nissan Juke inspired by the films — and which has a string of features more normally seen on the Batmobile. Adam Williams was presented with the matt black vehicle after a real Batmobile (well, as real as they get) was driven through the streets of the [...]

The post Man wins Batman version of Nissan Juke appeared first on Autosaur.

Lamborghini Gallardo Pictures

Pictures of the Lamborghini Gallardo. The Gallardo was first made in 2003 and is Lamborghini’s most popular model to date with more than 10,000 built in the first seven years alone. They originally had a 5.0 liter V10 engine, but from 2008 onwards featured a 5.2 liter V10 prodcing 552horsepower. It can do 0-62mph in [...]

The post Lamborghini Gallardo Pictures appeared first on Autosaur.