It is the start of the Christmas Malware SPAM season, it isn’t a season to be jolly it is a season to stay on your toes.

 

It looks like the first of this years Christmas Card Malware is starting to get released. Every year we have a influx of Postcard style malware that purports to be a Electronic Christmas card from a loved one or friend. It is pretty much the same as the other Postcard malware we get every other day of the year, but with a Christmas Theme.

This is a long standing 'Social Engineering' tactic employed by the malware writers that pump this stuff out. They still use it because it just works, it relies on the fundamental flaw in all computer systems, the Human at the Keyboard.

The email messages are spoofed to appear as though they have been sent from postcards.org, they display an animated Christmas scene. But they contain a URL link within the email that leads to a malicious file called postcard.exe hosted on various servers.

Once executed, the Trojan will setup the backdoor enabling access and control over the resources of the compromised machine. Control is conducted over IRC, communicating with a preconfigured IRC server. During the install process an image called xmas.jpg is displayed to the user as a distraction technique.

 

So remember, emails bearing Postcards or other types of 'eCard' this Christmas may get you more than a Cold... So Don't Click that Link..