We’ve detected a spam attack today that spreads as an email and tricks our customer into opening a malicious PDF file, which in tandem with an embedded VBScript may penetrate a victim’s computer and drop a so-called WORM and rootkit components.
The WORM component spreads through computer devices that are detected by infected systems and will automatically execute an autorun.inf file as soon as a user activates an infected device. In addition, the malware deploys a stealth technique by using a rootkit component to prevent itself from being discovered.
The main payload of this attack is an URL to establish a connection to a malicious website that may enable cyber-criminals to gather information and to further compromise an infected system.
If you have receive such an email, please delete the mail without opening the attachment. If you suspect your system is already infected or you have already open the attachment and not sure whether your system is infected, please contact us so that we can schedule our technician to check your system.