Christmas Lures Being Distributed Via Spam

Websense® Security Labs™ ThreatSeeker™ Network has discovered that malware authors are already using Christmas themes this year as a social engineering tactic, in an effort to gain control over compromised machines. This campaign uses email messages in the form of e-greetings, leading to supposed animated postcards. These actually lead to a Trojan backdoor that has been distributed in previous malicious spam campaigns.

The email messages, spoofed to appear as though they have been sent from, display an animated Christmas scene. A URL link within the email leads to a malicious file called postcard.exe hosted on various servers.

Once executed, a backdoor is created by the malware author enabling access and control over the resources of the compromised machine. During the install process an image called xmas.jpg is displayed to the user as a distraction technique.

Example of malicious email:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: