Select Page

Cyren Security Blog

Vast email malware outbreaks – efaxCorporate and Xerox copiers

Wednesday the 24th saw huge of amounts of email-attached malware distributed – all with an “office” theme. The attacks pushed the amount of email up by several hundred percent and totaled near five billion emails sent worldwide.

The first part of the day saw emails describing an attachment as being the scan from a Xerox Workcenter. This is not a new ploy – we described one of these in detail in February last year. Last year’s version was an actual PDF file with an embedded malicious script. Yesterday’s file was a zipped executable.

The second part of the attack moved on to eFaxCorporate, announcing the arrival of a (21 page) fax message. Once again the attachment was an executable file pretending to be a PDF. The file is detected as W32/Trojan2.NTLB by Commtouch’s Antivirus. The malware scans the infected system for FTP programs – no doubt looking for FTP credentials that can be stolen to access and compromise Web servers (which can then be used to serve malware links).

You might also like

Square Enix Phishing Campaign

From July 20 until August 16, 2021, Cyren observed a significant increase in the number of Square Enix phishing URLs. The campaign coincided with 14 days of free play announced by Square Enix on July 12, 2021. During this period, we detected a total of 47,076 URLs for...