Beware of Anonymous Email Online Postcards   9/25/2005 - 1,630 views, 2 Comments

Summary: If you get an anonymous online postcard in your email, don't follow the link! It's really Dloader-UT and Dumaro-S come a'knockin'.

Previous Article « Bagles and Locks: New Bagle Virus Rolls Across Internet (a/k/a Bagle.da and Bagle.cd)
Read Next Article » “Visual I.D.” Graphic in Email to Protect Against Phishing

Yet another email online postcard virus has been launched. This time the unsuspecting user gets a postcard from a “secret admirer” or other anonymous source, and when the user follows the link in the email to retrieve their “postcard”, what they really end up retrieving is the Dloader-UT Trojan. Dloader-UT in turn then downloads the Trojan virus Dumaru-S which installs itself on your computer, allows others remote access to your system, and records your keystrokes!

Dumaru-S is also known as “Backdoor.Win32.Dumador.az”.

Explains Carole Theriault of Sophos, who has been quoted a lot this week (what’s happened to Graham Cluely?), “You may think you’ve received an electronic greetings card from a secret admirer, but in fact it’s a hacker who is going to be showing an unhealthy interest in you.”

Fortunately, most anti-virus programs should have definitions for Dloader-UT and/or Dumaru-S, so as always, update your anti-virus programs regularly!

This is apparently the week for Trojan postcards. A Spanish version of the email postcard Trojan hit earlier this week with the Mepe.A instant messenger worm.

Get FREE email alerts of new Internet Patrol stories!
    *We never share your email address with anyone

Email Address:
Date of first visit:
How you found us:

Subscribe to The Internet Patrol on your cell phone    Email the link for this page to a friend!

Read more:

»  Buyer Beware When It Comes to Shipping Insurance for Things You Buy Through eBay and Other Online Services

»  Reader Has Novel Idea - Poll: Could it Work?

»  Unexpected Online Greeting Cards May Carry Trojan Horses

»  Don’t Say That Aunty Didn’t Warn You - This Month’s Fake Microsoft Security Update MS05-039

For additional similar stories check out our archives on Virus & AntiVirus, Windows

 

2 Comments »

  1. Got one of these this morning. Ashamed to say I tried to open it–I know better, but…

    AVG caught it.

    Don’t open stuff from “a friend” unless you’re expecting it.

    Comment by Tom — 5/23/2006 @ 1:55 am

  2. tfjgyjjgjhfjfhj yrjygjhghj fyjgjyrf yfjjhghg ggjkghkjgkkj fhjg hgyyj fjhg ghjgkjjk fjhgkkjh fhjgkgjk jkgkhgjkgjk kghgkjhjk jghgkgjkkj kjgkgkjjjhj fjhgg hfyjhjkb ghhgjj fgjyh ggkg ghggjk hggkg tgukgjkghf hfjhjvkjgk hjgkgkgj kjgjk gjkh.

    Comment by RAIMIS — 1/13/2008 @ 2:26 am

RSS feed for comments on this post.

Leave a comment

Warning! All comments which contain URLs and are clearly just spam to generate a link back to the URL will be deleted on sight. Don't bother wasting your time!

If you are going to include a URL in your comment,
please keep it under 25 characters in length,
or use TinyURL to shorten it before including it in your comment.

Line and paragraph breaks are automatic, your email address is never displayed.
HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

(required)

(required)


We apologize for having to ask you to enter the letters and numbers you see in the image above to validate your comment, but we are being attacked by thousands of comment form spams every day!

 
The Internet Patrol
Patrolling the Internet for You!