Follow AppRiver

AppRiver Posts In Your Inbox

Your email:

Browse by Tag

Current Articles | RSS Feed RSS Feed

Dropbox Password Reset Emails Lead to Malware

 

A new campaign just started up involving some fake dropbox password reset emails. The emails come in with a sad computer face claiming the recipient has requested a password reset and their old password is now "dangerous".

dropbox email1 resized 600

The email itself contains a link that when clicked, leads the user to a page saying their browser is out of date and they need to update it.

 

dropbox out of date browser resized 600

Clicking anything in the linked notification page downloads a file ieupdate.exe. The file is a Trojan that is part of the Zeus family. The links in the email messages came from 54 unique domains but all of the download links in the browser-out-of-date pages to actually download the malware were hosted at dynamooblog.ru which was registered yesterday (on a side note, it's sort of similar naming to a security blog at blog.dynamoo.com). As always, take extreme caution when you get any password or banking emails out of the blue. Always check where they may lead you and what information it may be asking.

Comments

Great post! Thanks for sharing.
Posted @ Monday, November 18, 2013 12:07 PM by Kevin Right
Post Comment
Name
 *
Email
 *
Website (optional)
Comment
 *

Allowed tags: <a> link, <b> bold, <i> italics