Establishing Digital Trust: Don't Sacrifice Security for Convenience
Websense researchers recently uncovered a new malware campaign specifically targeting BlackBerry users.
"These fake emails state that the recipient has successfully created a Blackberry ID," writes Websense's Mary Grace Timcang. "The messages then continue, 'To enjoy the full benefits of your BlackBerry ID, please follow the instructions in the attached file.' That, of course, is an attempt to lure victims into running the attached malware."
"While the e-mail’s text and links are fine -- Websense notes it’s copied from a legitimate email from BlackBerry maker Research in Motion -- it’s the attachment that will give users trouble," writes Threatpost's Christopher Brook.
"Downloading and running the attachment reportedly allows the hackers to drop other executable files and modifies the system registry, making it automatically run malware programs when the system starts," writes V3.co.uk's Alastair Stevenson. "'This email is piggybacking on BlackBerry's reputation, knowing that many corporate users will be targeted,' Websense researcher Elad Sharf told V3. 'Like any malware, this puts any compromised machine out of the sole control of its lawful users and under the additional control of cyber criminals, putting corporate data at risk.'"