Sanesecurity ClamAV blog: zero hour malware, phishing and scams
A hopefully interesting blog from the world of zero hour malware, phishing, scams and spams
Amazon3
Pages
Home
FAQ
Online Scanners
Adware
Rescue CD
Backups
Shop
Disclaimer
Amazon
Wednesday, 22 October 2014
Fake iTunes phishing blocked again...
Oh dear... iTunes email just coming in...
... but it's blocked by:
Sanesecurity.Phishing.Fake.24204
which was added a day ago...
Here's one site's view of the situation.... and it's history over time...
Malware via Word documents
We seem to be receiving a few variants of word documents at then moment, containing macros to download externally hosted malware.
3 variants of these documents so far...
VirusTotal 1
VirusTotal 2
VirusTotal 3
I've added detection for all these types, in phish.ndb as:
Malware Detected as: Sanesecurity.Malware.24509.DocHeur
ClamAV 3rd Party signatures:
http://sanesecurity.com
#clamav #sanesecurity #malware
Sample Subjects:
Commercial Debt Recovery, Ref No:
Industrial Invoices
Employee Documents - Internal Use
Reference:
Newer Posts
Older Posts
Home
Subscribe to:
Posts (Atom)
3 variants of these documents so far...
VirusTotal 1
VirusTotal 2
VirusTotal 3
I've added detection for all these types, in phish.ndb as:
Malware Detected as: Sanesecurity.Malware.24509.DocHeur
ClamAV 3rd Party signatures: http://sanesecurity.com
#clamav #sanesecurity #malware
Sample Subjects:
Commercial Debt Recovery, Ref No:
Industrial Invoices
Employee Documents - Internal Use
Reference: