Trojan keylogger inside spoofed Adobe e-mail message

SurfControl is currently tracking a malicious Trojan keylogger concealed in a spoofed e-mail message claiming to be from Adobe.  The e-mail asks users to download the latest version of Adobe Reader 7.0.8.
 
Clicking on the link in the e-mail downloads a Trojan keylogger (Goldun.nq) that, after executing, will then download additional malicious files and will monitor the user’s browser, potentially stealing the user’s confidential data. 
 
The threat then opens the relevant Adobe read me page in the browser in order to appear legitimate.  Additionally, the threat also installs malware that utilizes the infected user’s computer as a zombie, to send out spam e-mails that appear to come from Microsoft advertising Windows Live Messenger.  These spammed e-mails link to malware files on another server, similar to the malware in the original Adobe spoof e-mail.




Share this