12345

5/03/2012

[Caution] Malicious e-mail about BBB(Better Business Bureau)


1. Information


INCA Internet response team detected malicious e-mail disguised as sent by BBB(Better Business Bureau). This is the first case of being found in Korea. The Better Business Bureau (BBB), founded in 1912, is a corporation consisting of a number of separately governed and incorporated local BBB organizations in the United States and Canada, affiliated with the Council of Better Business Bureaus (CBBB).
Besides, getting "satisfactory" from BBB on a company is boastful.



2. Spreading cases

- http://atlanta.bbb.org/article/its-back-fake-bbb-complaint-email-makes-rounds-in-2012-32038

[Caution] Malicious files disguising as sent logistics services companies 

Malicious e-mail is disguised sent by Better Business Bureau <info@bbb.org>. Its title and contents are also disguised as sent by BBB.


Attached "BBB Report.zip" contains "BBB report.exe", which is an executable file.


When executing "BBB report.exe", it creates its clone as a svchost.exe on "All Users folder".


And it adds registry on following path and makes run on booting.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SunJavaUpdateSched   c:\documents and settings\all users\svchost.exe



svchost.exe tries to access TCP/IP, yet it doesn't connect certain host.

3. Summary

Spreading malicious file with social engineering is one of traditional technique. To use PC safely from security threats of these malicious attachments, we recommend you download latest security updates and obey following "Security management tips" for general users.

Security management tips

1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function “ON”
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.

INCA Internet (Security Response Center / Emergency Response Team) runs responding system against various security threats.

13 comments:

  1. Regardless of the individual need/quality/benefits related to these illegal immigrants, the un-disputable fact is that they are not following legally established channels to enter.
    Source - essay-grader.com

    ReplyDelete
  2. You could also examine this blog post for some useful tips on how to write good looking personal statement. I think it could help

    ReplyDelete
  3. Welcome to shell shockers ! In this game you will become a soldier in the shape of an egg. Shoot ceaselessly, jump from one side to another, try to get through all obstacles and attack your opponents. How long do you think you can survive?

    ReplyDelete
  4. Just check my source for more useful information on this matter!

    ReplyDelete
  5. PUBG LITE is impeccable with low-end Computers without representations card and higher RAM. PUBG Lite pre-selection wrapped up on July 3, 2019. pubg mobile lite ps4 / ps3 It's the D-day for the admirers of PlayerUnknown's Battlegrounds as the Lite version of the battle royale game, PUBG Lite, will be pushed today for instance July 4.

    ReplyDelete
  6. Nice article
    Thanks for sharing the information
    Please support
    Link:https://www.leadmirror.com/
    Link: https://www.leadmirror.com/features
    Link: https://www.leadmirror.com/pricing/explorer
    Link: https://www.leadmirror.com/faq
    Link:https://www.leadmirror.com/aboutus
    Link:https://www.leadmirror.com/contactus
    Link:https://www.leadmirror.com/tool/seo-report

    ReplyDelete
  7. Usually I never comment on blogs but your article is so convincing that I never stop myself to say something about it. You’re doing a great job Man, Keep it up. Buy Best Sex Toys, Sex Toys in India, Sex Toys USA, Dildo, Vibrators, Sex vibrators, Sex Doll

    ReplyDelete