FYI...
SPAM - IRS themed e-mails w/malicious attachment
- http://blog.webroot.com/2012/03/22/s...s-and-malware/
March 22, 2012 - "Cybercriminals are currently spamvertising with IRS themed emails, enticing end -and- corporate users into downloading and viewing a malicious .htm attachment.
> https://webrootblog.files.wordpress....ts_malware.png
More details: Spamvertised subject: Your tax return appeal is declined...
Malicious attachment: IRS_H11832502.htm *
Malicious iFrame URL found in the attachment...
Upon downloading and viewing the malicious attachment, an iFrame tag attempts to load, ultimately serving client-side exploits such as the Libtiff integer overflow in Adobe Reader and Acrobat (CVE-2010-0188), and Trusted method chaining remote code execution (CVE-2010-0840)... the malicious iFrame is hosted within a fast-flux botnet, and is therefore currently responding to multiple IPs, in an attempt by cybercriminals to make it harder for security researchers to take it down. End users are advised to ensure that they’re not running outdated versions of their third-party software and browser plugins, as well as to avoid interacting with the malicious emails..."
* https://www.virustotal.com/file/d854...f65e/analysis/
File name: IRS_U774510.htm0
Detection ratio: 13/43
Analysis date: 2012-03-23 09:17:40 UTC