Last Updated: 2010-05-23 19:53:08 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
There are two public broadcast TV stations at Colombia. We received a report that a e-mail is out there claiming to be from one of the stations and announcing they have the video of Fidel Castro's funeral:
The URL points to a UK server and downloads a nasty little malware done in Visual Basic that changes Windows parameters and recolects info from your computer. The trojan used to upload the malware is located on the same directory:
We encourage Web server admins to keep updated security patch and avoid default configurations on web servers that could allow attackers to upload these kind of files to your webserver. This backdoor is pure php and, as you can see, has a lot of useful options.
Please keep in mind also that clicking URL links inside e-mail is dangerous. Always go to the web server typing yourself the URL.
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name