1. Introduction
INCA Internet response team detected malicious e-mail disguised as Windstream service in Korea. Its title is "Your Windstream bill is available for viewing". It doesn't contain attachment; however, it has malicious link for trying to infect malicious file. It contains various malicious web sites, which is run by Blackhole Web Malware Exploitation Kit, attacker can monitor infection status and can attack with various exploits on real-time. Because there are a lot of malicious e-mails in Korea in these days, users need to be careful by these malicious e-mails.
- E-mail disguised as sent by Windstream
- No attachment, to induce user to click malicious URL
- Hard to detect due to various malicious web sites
- Being infected by just clicking
2. The body of malicious e-mail
[Warning] Malicious e-mails disguising as image file were found.
[Warning] Malicious personal message from fake LinkedIn friend
[Warning] Malicious file about portrait infringement
E-mail can be sent to uncertain users as following types. Its body contains various malicious URLs.
Title : Your Windstream bill is available for viewing
Its body contains various malicious URLs.
hxxp://kocaeliyuz****.com/XRVTGJvu/index.html?s=883&lid=2324&elq=11f7b1b5179f45b09737bdf10d0fe61f
hxxp://findingaplu****.com/cousfaek/index.html?s=883&lid=2325&elq=11f7b1b5179f45b09737bdf10d0fe61f
hxxp://glassdirec****.com.au/8t6d37YU/index.html?s=883&lid=2325&elq=11f7b1b5179f45b09737bdf10d0fe61f
hxxp://miespaciopil****.com/5AWZcNGb/index.html?s=883&lid=2327&elq=11f7b1b5179f45b09737bdf10d0fe61f
hxxp://radiog****.net/8t6d37YU/index.html?s=883&lid=2328&elq=11f7b1b5179f45b09737bdf10d0fe61f
hxxp://findingaplu****.com/cousfaek/index.html?s=883&lid=2325&elq=11f7b1b5179f45b09737bdf10d0fe61f
hxxp://glassdirec****.com.au/8t6d37YU/index.html?s=883&lid=2325&elq=11f7b1b5179f45b09737bdf10d0fe61f
hxxp://miespaciopil****.com/5AWZcNGb/index.html?s=883&lid=2327&elq=11f7b1b5179f45b09737bdf10d0fe61f
hxxp://radiog****.net/8t6d37YU/index.html?s=883&lid=2328&elq=11f7b1b5179f45b09737bdf10d0fe61f
hxxp://seven****.co.za/Zb2s9AuQ/index.html?s=883&lid=2328&elq=11f7b1b5179f45b09737bdf10d0fe61f
Upon clicking link, it will redirect browser to malicious web site and will be exposed by various exploits.
Web site shows following image due to js.js, installs various malicious files and redirects to normal msn.com.
hxxp://ican****.co.uk/wvGCntXp/js.js
hxxp://www.camargotur****.com.br/9jNMTCoL/js.js
js.js contains following contents.
document.location='http://184.***.**.237/search.php?q=fa16f5d3def51288';
It tries to install with using Adobe Flash Player, JAVA exploit.
hxxp://184.***.**.237/data/ap2.php
hxxp://akradugunsalo*****.com/k0g2Cgr9/nn4hWpH.exe
hxxp://annonceagr*****.com/eud7io3A/M13ZGPt.exe
This malicious file tries to access certain site by injected code on explorer.exe.
It can be worked by C&C(Command and Control).
Besides, attacker can monitor infected PCs and can control.
3. Summary
Recently, this kind of technique, inducing user to click type, is prevalent in Korea. Therefore, users need to be careful on using internet. To use PC safely from security threats of these malicious attachments, we recommend you download latest security updates and obey following "Security management tips" for general users.
Security management
tips
1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.
1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.
INCA Internet (Security Response Center / Emergency Response Team) runs responding system against various security threats.
You guys should also take a quick look at this page for more information on malicious emails. Never too much knowledge to protect yourself, eh?
ReplyDeleteAssignment help is a term which is best for students help, they can easily get help for their assignments online . Provide best all Assignment Help to the student at cheapest cost.
ReplyDeleteStudentsassignmentHelp.com is the students free essay topics suggestion services company providing dissertation writing help to college and university students. Our expert assignment writers are available online 24*7 for writing your assignment.
ReplyDeleteActually this is one of the most exciting games. And the site also has many different types of games you can play and feel. Thank you very much for visiting my website and wish you success. Thank you so much!
ReplyDeletebloons tower defense 5
super smash flash 2
Good advice here. I have begun to redraft older posts just this week, so was happy to see it listed here.
ReplyDeleteGreat post! I am actually getting ready to across this information, is very helpful my friend. Also great blog here with all of the valuable information you have. Keep up the good work you are doing here.
ReplyDeleteYou should have clearly define topics which you want to learn and start collecting study material according to that topics. Also some assignment help service you can use to get knowledge as well. Just proceed accordingly and don’t waste your time because time is precious. Assignment Help
ReplyDeleteThanks for the blog.Thanks Again. AwesomeSp flash tools Leapdroid Deezloader
ReplyDeleteSo straightforward this stunning, thank you perpetually for this everybody ought to go make this post Simply need to state your work is remarkable the clearness in your post is just astounding and I can expect you're a specialist regarding this matter a debt of gratitude is in order for sharing this blog entry. Rowan Atkinson Black Jacket
ReplyDeleteStudents often feel issues in writing assignment, so to make students comfortable in programming assignment we help them to write their assignments. If ever you feel any problem in writing something you can visit our website Programming Assignment Help.
ReplyDeleteKineMaster for ios
ReplyDeleteFree fire ios
KineMaster
garena Free fire
Thanks for sharing this informative post and aware us about the malicious emails. I hope you will continue to sharing this kind of informative post. My Assignment Help OZ is leading Australia assignment help provider company, help students tp achieve their target score in academics.
ReplyDeleteAre you worried about doing a load of the report? Why worry when you have a cheap report writing help service providing you with all sorts of Australia assignment help in Australia? Now do accounting report writing help and law report writing help in a minute! Enroll now at Australiaassignmenthelp.com.
ReplyDeletegreat and informative blog. Thanks for sharing..
ReplyDeleteAll Assignment Help Reviews
Do you need quick help from Online UK best essay writing services? In the event that indeed, at that point contact Essays Tigers right away. This is potentially a standout among the best internet composing gatherings accessible as of now. They have a dependable, solid, and incredibly capable conveyance framework which makes the lives of understudies especially helpful. What are you hanging tight for? Put in your request now.
ReplyDeletegreat and informative blog. Thanks for sharing..
ReplyDeletedeezloader android
Your blog provided valuable information. Most of the students really like your blog so keep posting.
ReplyDeleteWebsite Design And Development Company
Do you need an exposition composed which really emerges in each feeling of the word? Why not connect with oxbridge essays help uk where each article author in their group is completely prepared and experienced in the craft of composing exceptional papers? All authors on their board are local English speakers and alumni of best colleges in the UK, empowering them to outflank themselves each time they set up a paper task. Get the best proficient help today at a restricted time markdown offer!
ReplyDeleteThanks you so much. This is wonderful post and very informative. Thanks for sharing!!
ReplyDeleteFinance Homework Help
Help with Assignment
Math Homework Help
hotmail
ReplyDeleteGreat Article
ReplyDeleteNetwork Security Projects for CSE
JavaScript Training in Chennai
Project Centers in Chennai
JavaScript Training in Chennai
hotmail sign in guide.
ReplyDeleteTo get an Online Assignment Help, you contact us. Our writers have simplified your assignment so that you can solve questions about the assignment
ReplyDeletePayStub
ReplyDeletewww.icloud.com login
ReplyDeletego url
omegle app
ReplyDeleteFetLife
https://omegle.monster/
hotmail.com login
ReplyDeletekik on pc
kahoot sign up
how to make google search my homepage
ReplyDeletemyhrcvs
Kahoot Login & Sign in Account Guide | www.kahoot.it
A debt of gratitude is for this extraordinary article. Very accommodating post.Thanks a great deal post. This post truly edifies me.
ReplyDeleteRED CAPSULE AKIRA KANEDA LEATHER JACKET
Thank you for such a well-written article. It’s full of insightful information and entertaining descriptions. Your point of view is the best among many. Any student who wants to pay for writing custom essays is in luck! Exclusive-Paper.com offers students the opportunity to buy cheap paper writing service they need online at affordable prices without having to worry that their written work is plagiarized or that we will resell it again to someone else.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteThanks for such a well-written content. It's full of insightful knowledge and exciting descriptions. Your point of view is the greatest among several. Any student who wants to solve this problem that how to start an essay? Now, 360assignments.com provides worldwide essay writing help. And answer the student's issues.
ReplyDelete