Thursday, July 7, 2016

Feedly:SANS Internet Storm Center, InfoCON: green. Malware being distributed pretending to be from AU Fedcourts, (Fri, Jul 8th)



from SANS Internet Storm Center, InfoCON: green

Earlier today people have started reporting that they have received a subpoena email from the Australian Federal courts.

The email links through to a various compromised sites which redirect the user to a federalcircuitcourt.net web server.  Once on the web server you are expected to enter a number and the captcha shown before a case.js file is downloaded.   

The case.js file is being looked at at the moment and the diary will be updated with any findings.  In the mean time feel free to block the domain federalcircuitcourt.net in your web proxies. This is not a legitimate domain. 

The federal circuit court has issued a media release -->  http://ift.tt/29xSfN5

​If you receive one of these emails feel free to contact us via the contact form and if you can provide the headers of the email and the URL being used for the link that would be appreciated. 

Regards

Mark H - Shearwater

 

Web Analytics