We’ve just intercepted a currently circulating malicious spam campaign impersonating WhatsApp — yet again — in an attempt to trick its users into thinking that they’ve received a voice mail. Once socially engineered users execute the malicious attachment found in the fake emails, their PCs automatically join the botnet operated by the cybercriminal(s) behind the campaign.
Sample screenshot of the spamvertised malicious email:
Detection rate for the spamvertised attachment: MD5: 41ca9645233648b3d59cb52e08a4e22a – detected by 10 out of 47 antivirus scanners as TrojanDownloader:Win32/Kuluoz.D.
Once executed, it phones back to:
We’re also aware of the following malicious MD5s that are known to have phoned back to the same C&C servers as well:
Webroot SecureAnywhere users are proactively protected from these threats.
I have clicked the PLAY link button but I never clicked anything on the website that was opened or downloaded anything or entered any info… Will this still affect me? Should I change my gmail’s password? I am using a PC (Windows 7) when I clicked the link.
X0X0 Are you thinking that your machine is infected? Be sure to clear out your Temporary Internet Files and Cache within your browser if you have small performance issues.
is there any thing i can do if i’ve clicked on Win 7 machine other than clearing Temp internet data to save laptop from this virus?