Last Updated: 2009-06-01 16:21:12 UTC
by G. N. White (Version: 1)
Thanks to ISC reader Tom for passing on yet another socially engineered attempt to install malware in victim's PCs.
This time a "Bank of America Digital Certificate Updating" scheme is used, where a victim of the luring EMail is directed to a fake website that looks like this:
(I really like the "If you receive a 'potential scripting violation'... advice heh-heh)
Using the <Update Certificate> button here will net you a piece of Malware that has approximately %30 AV coverage (as indicated by VirusTotal). A quick analysis of said malware shows probable signs of, suprise-suprise, Waledac...
Handler on duty (no certificate necessary)