Hackers slug Aussies with trojans in ATO, air ticket spam

There has been a surge in spam over the past week containing a trojan that mysteriously targets Australians and connects to servers in Russia and Poland if installed, according to Symantec.

“The attackers behind this malicious spam campaign appear to have no specific target in mind other than compromising a large base in Australia for reasons still unknown,” the security vendor warned on Wednesday.

Spam in two flavours are delivering the same malware concealed in two different .zip attachment files: one purportedly from an airline -- which appears by the colours to be Jetstar; another claimed to be from Australian Taxation Office.

The ATO spam’s subject field is titled “Tax Agent Report - Delayed Tax Returns” and contains a “Tax Report.zip” attachment. The zip contains a malicious executable TaxReport.xls.exe.

The subject field “Check-In Details” heads the airline spam, which carries a zip that contains a malware file labeled “check-in details.pdf.exe”.

The malware, which is designed to download additional malware, connects to command servers located in Poland and Russia, according to Symantec.

Symantec advised to be cautious when opening email attachments.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Tags symantectrojanmalware

1 Comment

Tai Decker

1

WinXp X15-65084 could not shut off networks

KB976902 and KB25533552.

There are networks within the OS that form if the user tries to close down the branches of stolen personal camera files and recordings or anything at all that can be put on can be taken by chunks or whole renaming or not...and the FONTS tell alot.

check the size of the registry (start)(run)(regedit) - Export[all]

I have more!!!

the defaults account for some but seriously what are we archiving in Utah?

Who gave the US the UK originated Health care template as a joke?

My guess is the aussies who have the same style as me,...try 6 pts. field goal or pat ...whatever

Nice game of rugby but the beers and song after I remembered that I lived to play another and then of course do what we came to do...get drunk and down under to be one day in the future...

maybe sooner if this torture becomes the ignoring curse of 3 years....plus.

The fact I remember after the radio frequency barrage that makes me want to defeat this emotional and environmental terrorism that I can't tell another because it is so technical I know how and why it should have existed...and the military that shrank from it when I tried to go deep dive they pull back and send crys over the air I get excited I am producing something other than long comments driven to type and even when to put fingers twitch to make a word a mistake.

remember me if I piss off too many...which I plan to do if the President of the United States knows my sister or of me and does nothing.

Then guess what? I believe he is acting so similar that I feel if I could be introduced by video or ??

What would you do if your country depended on someone else named Taiho but ignored you because he died in Japan?

And maybe I was just the nice average guy who did what he said ... and then what could I do?

find a friend or another who can endure environmental terrorism and laugh as I do...but the isolation is what is so weird...it brings me back to the days I was forced to stay on the boat in the San Francisco Bay in C-2 on the 57' Carrie Craft.

The boat B.O.B? but it was stolen in May last year about the time I lost everything by the police misconduct gone unco rrected. Even the FBI stays quiet.

W

Guy Taiho Decker
415 545 8240
taidecker@gmail.com

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

ZENworks® Endpoint Security Management

Get Powerful Protection for All of Your Mobile Devices

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.