<<<
Tuesday, December 25, 2007
>>>
 
Happy2008.exe Posted by Mikko @ 18:30 GMT

Storm action continues.

They were late for Christmas but early for the New Year: We're already seeing New Year greeting card spam runs directing recipients to a malicious web site called uhavepostcard.com.

uhavepostcard.com

Right now there are no exploits on the site, but it tries to download a copy of Happy2008.exe to the user. Which is something you don't want.

Update 1: On the 26th we started seeing a new domain: happycards2008.com. The filename has morphed as well, to
happy-2008.exe.

Update 2: Still the 26th and the new domain newyearcards2008.com is being used. Filename right now is
happynewyear2008.exe






<<< It's a Stormy Christmas Eve...
|
Half-a-Million >>>