Websense Alert: Dell lure installing Trojan Horse

Websense Security Labs has received reports of a new email campaign starting in Australia that attempts to lure users to connecting to a malicious website. The Australia CERT has reported emails that are spoofing the Dell online store. The emails claim that the user is being charged for a camera purchase and requests they connect to a site in order to view their profile. The site is encoding there code via Java Script which decodes to 8 different IFRAMES, all which attempt to load exploit code and download and install new malicious code. The site itself appears to be going up and down sporadically.

See: http://www.auscert.org.au/render.html?it=7595

See also Dell’s recent blog:

Note:  Dell advised users last year on similar phished message to visit their http://www.dell.com/spoof on how to protect.

Leave a Reply