Websense has warned of a Bird Flu Trojan (expl1.wmf) which sends email messages pretending to have information on a Bird Flu attack in England. The email lures users into opening a web link. Once opened, expl1.exe is downloaded and exploits WMF in Windows.


Websense has warned of a Bird Flu Trojan (expl1.wmf). The Trojan sends email messages pretending to have information on a Bird Flu attack in England.

The email lures users into opening a web link. Once opened, expl1.exe is downloaded and exploits WMF in Windows.

The body of the email is:

“Attention !!! Bird flu in England !!!
UK researchers reported to government that the H5N1 influenza virus was founded in some birds in the UK. Also, 35 yo man infected with the H5N1 bird flu virus hospitalized in UK hospital !
government trying to hide the true from people despite real facts.
All facts you can read here on our website……………” [Source]

According to Websense, the same sites were used for phishing, fraud and distributing malicious codes in the past.

The sites are hosted in the .WS and .CC domains.

For a screenshot of the website, click here.

 

 

 

 

Sharing is caring