Tuesday, August 28, 2012

Spam Offers 'Benefits of a BlackBerry ID' with a Side Order of Malware

BlackBerrySecurity researchers are warning the public about an ongoing malware campaign targeting BlackBerry customers.

The attack starts off with a spam message posing as a notice from RIM that a new BlackBerry ID has been created. The email is said to be an exact copy of a legitimate email sent from Research in Motion (makers of BlackBerry) - complete with a spoofed email header to make it appear as if it were sent from a blackberry.com email address.

BlackBerry Spam



From: donotreply@blackberry.com
Subject: Your BlackBerry ID has been created

Your BlackBerry ID has been created

Hello,

You’ve created a BlackBerry ID!

To enjoy the full benefits of your BlackBerry ID, please follow the instructions in the attached file.

BlackBerry ID is your universal BlackBerry key. Here is what it offers:

  • One sign in for all BlackBerry applications, services, and websites.

  • Automatic transfer of some email accounts and services when you switch smartphones.

  • Full access to all features in BlackBerry App World storefront.

  • Protection of financial transactions using BlackBerry services.


You can learn more about BlackBerry ID by visiting https://blackberryid.blackberry.com/

The BlackBerry Team

This email has been automatically generated. Please do not reply to this email.

If you have not previously indicated that you wish to receive emails from Research in Motion Limited and/or its affiliated companies regarding exclusive offers and updates about BlackBerry products and services and you would like to do so, please click here.

Research in Motion Limited, 295 Phillip St., Waterloo, Ontario, Canada N2L 3W8

Attached to the email is a malicious file, “BlackBerry_ID19176974_Instructions.zip” (the string in the file name may vary), which houses malware that Microsoft detects as Worm:Win32/Gamarue.I.

Websense researchers warn that running the attachment drops other executable files and modifies the system registry to automatically start these malware programs when the system starts.

What to Do if You Receive BlackBerry Spam


If you receive a copy of this email, it’s recommended that you:

  • Do NOT click on any links or download any attached files. (There’s no indication that the links are malicious, but that can change at any time.)

  • Report the email to SpamCop.

  • Delete the email immediately.


Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment