In a true twist of irony, Helsinki-based security research and software vendor F-Secure reported Wednesday that an unknown attacker has sent out thousands of e-mails infected with a new variant of the Breplibot worm that appeared to come from an F-Secure employee.
The e-mails were crafted so that they appeared to be from a non-existent employee named David Adams, Dept. Research, F-Secure Development. The e-mails suggested that there was a problem with the e-mail recipient's Web site and attached a screen shot to illustrate.
The addresses used in the attack included email@example.com, firstname.lastname@example.org and email@example.com. F-Secure said the e-mails were not sent from the its network. They were spoofed to look as though they were coming from the security firm's e-mail address.