On Wednesday the 1st of February, an unknown attacker sent out
thousands of infected emails. These emails were crafted so that
they appeared to be from a non-existant F-Secure employee "David
Adams, Dept. Research, F-Secure Development". The addresses used in
this attack included "press @ f-secure.com", "info @ f-secure.com",
"editor @ f-secure.com". These emails were not sent from F-Secure’s
network, they were just spoofed to look like they were coming from
an F-Secure address.
These emails contain a new variant of the Breplibot worm.
F-Secure Anti-virus detects it as W32/Breplibot.ae.
F-Secure has taken measures to inform network users about the
attack, which has obviously been done to make F-Secure look
bad.
This is what the emails looked like:
**** Begin sample email ****
From: Mr D Adams < david.adams @ f-secure.com >
Subject: Website Browsing Problem
Hello,
I noticed whilst browsing your site that there were problems
with some of your links, when I tried again with Internet Explorer
the problems were not there so I assume that they were caused by me
using the Mozilla browser.
As more people are turning to alternative browsers now it may be
of help for you to know this. I have enclosed a screen capture of
the problem so your team can get it fixed if you deem it an
issue.
Kind regards,
David Adams
Dept. Research
F-Secure Development
**** End sample email ****
About F-Secure Corporation
F-Secure Corporation protects consumers and businesses
against computer viruses and other threats from the Internet and mobile
networks. We want to be the most reliable provider of security services in the
market. One way to demonstrate this is the speed of our response. According to
independent studies in 2004, 2005 and 2006 our response time to new threats is
significantly faster than our major competitors. Our award-winning solutions are
available for workstations, gateways, servers and mobile phones. They include
antivirus and desktop firewall with intrusion prevention, antispam and
antispyware solutions, as well as network control solutions for Internet Service
Providers. Founded in 1988, F-Secure has been listed on the Helsinki Exchanges
since 1999, and has been consistently growing faster than all its publicly
listed competitors. F-Secure headquarters are in Helsinki, Finland, and we have
regional offices around the world. F-Secure protection is also available as a
service through major ISPs, such as France Telecom, TeliaSonera, PCCW and
Charter Communications. F-Secure is the global market leader in mobile phone
protection provided through mobile operators, such as T-Mobile and Swisscom and
mobile handset manufacturers such as Nokia. The latest real-time virus threat
scenario news are available at the F-Secure Data Security Lab weblog at http://www.f-secure.com/weblog/
For more information please contact:
F-Secure Corporation
Mikko Hyppönen, Chief Research Officer
Tel. +358 400 648 180
