Inicio de zonavirus, antivirus
SATINFO

Y AHORA MAILS MALICIOSOS CON NUEVO FORMATO, CON FALSO REMITENTE AMAZON QUE ANEXA NUEVOS LOCKYS

msc hotline sat
jueves, 21 de septiembre de 2017

Y aprovechando que muchos usuarios tienen tratos con AMAZON, se están recibiendo mails maliciosos con dicho falso remitente, anexando fichero malware, lo cual es peligroso por la confianza que el usuario pueda tener con ellos...



El texto del mail reza asi:





Asunto: Invoice RE-2017-09-21-00800

De: Amazon Marketplace <TzAcdZIuncfOfZ@marketplace.amazon.co.uk>

Fecha: 21/09/2017 10:11

Para: DESTINATARIO



------------- Begin message -------------



Dear customer,



We want to use this opportunity to first say "Thank you very much for your purchase!"



Attached to this email you will find your invoice.



Kindest of regards,

your Amazon Marketplace



==











------------- End message -------------



For Your Information: To help arbitrate disputes and preserve trust and safety, we retain all messages buyers and sellers send through Amazon.co.uk. This includes your response to the message below. For your protection we recommend that you only communicate with buyers and sellers using this method.



Important: Amazon.co.uk's A-to-z Guarantee only covers third-party purchases paid for through our Amazon Payments system via our Shopping Cart or 1-Click. Our Guarantee does not cover any payments that occur off Amazon.co.uk including wire transfers, money orders, cash, check, or off-site credit card transactions.



We want you to buy with confidence whenever you purchase products on Amazon.co.uk. Learn more about Safe Online Shopping (http://www.amazon.co.uk/gp/help/customer/display.html?nodeId=11081621).











ANEXADO: RE-2017-09-21-00800.7Z
---> CONTENIENDO RE-2017-09-21-00466.VBS ---> descarga e instala nuevo ransomware LOCKY







La ejecución del fichero contenido en el ZIP (.7z) instala una variante de LOCKY que pasamos a controlar a partir del ElistarA 37.53 de hoy





El preanalisis de virustotal ofrece el siguiente informe:



https://www.virustotal.com/es/file/42471427b822c6a866288c7e588b84e4f3a2631f635c85de796e5c3eda261e98/analysis/1505982388/



Dicha versión del ElistarA 37.53 que lo detecta y elimina, estará disponible en nuestra web a partir del 22/9 prox





saludos



ms, 21-9-2017

RSS Noticias AntivirusRSS Noticias Articulos AntivirusRSS Articulos RSS Descargas AntivirusRSS Descargas

>> Compartir

comparte con tus amigos, zonavirus.com
Redes Sociales en zonavirus

>> FaceBook