Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Benefits of your Blackberry ID in this attached malware

View all posts > 

Benefits of your Blackberry ID in this attached malware

Posted: 22 Aug 2012 10:39 PM | Mary Grace Timcang | no comments


Websense® ThreatSeeker® Network intercepted a malware campaign targeting Blackberry customers.  These fake emails state that the recipient has successfully created a Blackberry ID.  The messages then continue, "To enjoy the full benefits of your BlackBerry ID, please follow the instructions in the attached file." That, of course, is an attempt to lure victims into running the attached malware.

 

 

 

The malicious email itself is a copy and paste of a legitimate email from Blackberry.  And though the attachment indeed raises suspicion, there's no malicious or compromised URL in it.  17/36 AV engines identify the malware in VirusTotal.

 

ThreatScope analysis, which is a part of the Websense CSI service, reports that running the attachment drops other executable files and modifies the system registry to automatically start these malware programs when the system starts. 

 

 

Websense customers are protected from these threats by ACE, our Advanced Classification Engine.



Leave a Comment

(required)  

Email address: (required)