BleepingComputer.com: Kukudro-a - Ms Word Spammed In Email

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Kukudro-a - Ms Word Spammed In Email

#1 User is offline   harrywaldron 

  • Security Reporter
  • PipPipPipPip
  • Find Topics
  • Group: Members
  • Posts: 509
  • Joined: 10-April 04
  • Gender:Male
  • Location:Roanoke, Virginia

  Posted 28 June 2006 - 04:47 PM

Sophos has declared MEDIUM RISK (3 out of 5 rating) for this new spammed email attack, although other AV vendors have this at low risk currently.

Kukudro-A - MS Word spammed in email
http://secunia.com/virus_information/30331/
http://www.sophos.com/security/analyses/wm97kukudroa.html
http://secunia.com/virus_information/30366/w97mkukudro/
http://www.sarc.com/avcenter/venc/data/w97m.kukudro.a.html

Example of spammed message
http://www.sophos.com/images/common/misc/kukudrdoc.gif

SUMMARY: W97M/Kukudro is a macro trojan that arrives as a Zip file attachment, containing a Word document -- which drops and executes a Downloader trojan on the victims computer. . Sophos has seen the Trojan horse spammed out in email messages with the following Subjects: "worth to see", "prices", "Hi", or "Hello". It uses a very old vulnerability in Microsoft Word MS01-034 where the malicious code can be automatically run just by viewing the document that contains it (impacting mostly unpatched Office 2000 users).

RECOMMENDATION: Stay up-to-date on AV protection and avoid all spam or untrusted URLs/attachments in your email
Microsoft Security Journal

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users