Blog
Vishal Dodke

UPDATE YOUR E-MAIL SECURITY IMMEDIATELY (IUEU) SCAM!

September 2, 2011
0
Estimated reading time: 2 minutes

Today we received the following email:

**************************************************************

From: “Squirrel Mail Development Team”

Subject: UPDATE YOUR E-MAIL SECURITY IMMEDIATELY (IUEU)

Date: Thu, 1 Sep 2011 19:14:23 +0700

X-Mailer: Microsoft Outlook Express 6.00.2600.0000

X-EMLSPAM: 0

X-EMLSPAM-SCORE: -100

Dear E-Mail User

Due to the package compromise of 1.4.11,1.4.12 and 1.4.13, we are

forced to release 1.4.15 to ensure no confusions. While initial review

didn’t uncover a need for concern, several proof of concepts show that

the package alterations introduce a high risk security issue, allowing

remote inclusion of files. These changes would allow a remote user the

ability to execute exploit code on a victim machine, without any user

interaction on the victim’s server. This could grant the attacker the

ability to deploy further code on the victim’s server.

So upgrade to Squirrel Mail Development Team by

click Squirrel Mail Login SquirrelMail 1.4.15 Released

We STRONGLY advise all users of 1.4.11, 1.4.12 and 1.4.13 upgrade

immediately.

**************************************************************

The link “hxxp://www.d[xxxxxxxx]n.org/themes/ThemeDesign-Caspian/images/squire.php” inside the above email was responsible for executing suspicious java script as shown below:

We found it was further diverting users to a malicious domain – “hxxp://www.[xxxxx].fr/ext/”.

Users should not respond or click on any link inside such mails as they may lead to downloading of Trojans from arbitrary websites.

Have something to add to this story? Share it in the comments.

No Comments, Be The First!

Your email address will not be published.

CAPTCHA Image