Mytob spreads via spoof emails


Mytob spreads via spoof emails

Tash Shifrin

The Mytob worm is spreading via spoof emails that appear to come from IT system administrators.

Virus protection company Trend Micro this week issued a warning after its infection reports showed the worm was spreading in the US, Australia, China, Hong Kong, India, Japan, Korea, the Philippines and Taiwan.

The worm reproduces by sending a copy of itself as an attachment to an email. The email appears with one of a series of official looking warnings in the subject line.

Examples cited by Trend Micro include “*IMPORTANT* Please Validate Your Email Account”, “Email Account Suspension” and “Notice:***Your email account will be suspended***”.

The emails also contain spoof text encouraging recipients to open the attachment, such as: “Once you have completed the form in the attached file, your account records will not be interrupted and will continue as normal.”

The worm collects target email addresses from the Temporary Internet files folder in Windows Address Book. It has a “backdoor” that allows hackers to gain virtual control over affected systems and also prevents users from accessing some anti-virus and security.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy