Worm Attack Spoofs Security Firm's E-Mail Address


In a true twist of irony, Helsinki-based security research and software vendor F-Secure reported Wednesday that an unknown attacker has sent out thousands of e-mails infected with a new variant of the Breplibot worm that appeared to come from an F-Secure employee.

The e-mails were crafted so that they appeared to be from a non-existent employee named David Adams, Dept. Research, F-Secure Development. The e-mails suggested that there was a problem with the e-mail recipient's Web site and attached a screen shot to illustrate.

The addresses used in the attack included press@f-secure.com, info@f-secure.com and editor@f-secure.com. F-Secure said the e-mails were not sent from the its network. They were spoofed to look as though they were coming from the security firm's e-mail address.