Anyone else seen anything similar?
I'm at a loss to understand if this is:
a) a really lame targetted attack
b) a wide scale attack that we have only heard one example of.
On 2/08/11 12:55 PM, Michael Fincham wrote:
Just had a visit to our Christchurch offices from a shady guy claiming
"ISPs snoop on all your traffic, you should download this free, secure
browser" who then proceeded to hand our tech who answered the door
several URLs on a piece of paper.
I can't imagine a world in which the "linked" executable is anything
aside from a malware payload, though VirusTotal returns nothing for
the file, so it may be new or just creatively packed.
Here's a picture of the piece of paper given to our tech:
The URLs on the paper are:
I'm happy to provide a copy of the payload for analysis and I'm sure
our tech could give a more thorough description of the chap if anyone
wants to take this further.