ok, here's something else I found on a blog:
Quote:
So you're sitting there scratching your head thinking "What order?" Boy oh boy… I sure as heck didn't oder no stinkin $2,449.99 Sony VAIO from Circuit City!
Really makes ya wanna open that zip file to see if you've been had, right?
The supposed PDF attachment is really an executable named 37679041.exe, which is detected by AV vendors by various names. Kaspersky named it Backdoor.Win32.Haxdoor.lf. Symantec detects it as Backdoor.Haxdoor.R and others are calling it a variant of Goldun. Whatever you call it, it's quite an evil piece of malware. Haxdoor typically uses rootkit technology to mask itself. Haxdoor is known to steal passwords, give a remote attacker access to the machine, may display advertising and often makes changes to the registry that lower system security. Some variants also disable software firewalls and anti-virus apps. McAfee has a report here.
|