Monday, July 19, 2010

Worst Social Engineering Ever

From a recent submission via the email intake - hereyougo at

With a subject line of an invitation to a Tibetan event, invitation.rar (3026984137716828cf8f55b10bb0069) contained the aptly named "exploit.pdf", which certainly inspires confidence to open the attachment:

EXECUTABLE SCAN: PDF Exploit Embedded Flash may be CVE-2010-1297 (genexploit/full)
Exploit method detected as genexploit - PDF Exploit Embedded Flash may be CVE-2010-1297.
Confidence ranking: 100 (11 hits).

The embedded EXE is encrypted with a 256-byte key as well as a simple replacement cipher.
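For analysts triaging a payload like this, here is an added example (not code from this post or from the scanner quoted above) that recovers a repeating 256-byte key by frequency analysis and checks the result for a PE header. It assumes the keyed layer is a repeating XOR and that the blob is already carved out with the key starting at offset 0; the post states neither, and the replacement-cipher layer is not handled. The sample data and all function names are constructed for illustration.

```python
from collections import Counter

KEY_LEN = 256  # key length stated in the post


def recover_key(blob: bytes, key_len: int = KEY_LEN) -> bytes:
    """Guess a repeating XOR key (assumed scheme) from the ciphertext alone.

    PE files are dominated by 0x00 padding, and 0x00 XOR k == k, so the most
    frequent ciphertext byte at each key position is most likely the key byte.
    """
    return bytes(
        Counter(blob[pos::key_len]).most_common(1)[0][0]
        for pos in range(min(key_len, len(blob)))
    )


def xor_decode(blob: bytes, key: bytes) -> bytes:
    """Apply the repeating key; XOR is its own inverse."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(blob))


def looks_like_pe(data: bytes) -> bool:
    """Check the MZ magic and the PE signature that e_lfanew points to."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def build_sample() -> tuple[bytes, bytes]:
    """Constructed test data: a PE-shaped blob and an arbitrary 256-byte key."""
    plain = bytearray(4096)
    plain[0:2] = b"MZ"
    plain[0x3C:0x40] = (0x80).to_bytes(4, "little")
    plain[0x80:0x84] = b"PE\x00\x00"
    plain[0x200:0x300] = bytes((i * 5 + 1) % 256 for i in range(256))  # filler
    key = bytes((i * 7 + 13) % 256 for i in range(KEY_LEN))
    return bytes(plain), key


if __name__ == "__main__":
    plain, key = build_sample()
    encoded = xor_decode(plain, key)
    guess = recover_key(encoded)
    print("key recovered:", guess == key)
    print("decoded payload is a PE:", looks_like_pe(xor_decode(encoded, guess)))
```

Small or densely packed payloads have too few zero bytes per key position for the frequency guess to be reliable, so always confirm with the header check before trusting the decoded output.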


