![\"\"](\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/34.JPG\")
<\/p>\nToday we received the following email:<\/p>\n
**************************************************************<\/p>\n
From: “Squirrel Mail Development Team”<\/p>\n
Subject: UPDATE YOUR E-MAIL SECURITY IMMEDIATELY (IUEU)<\/p>\n
Date: Thu, 1 Sep 2011 19:14:23 +0700<\/p>\n
X-Mailer: Microsoft Outlook Express 6.00.2600.0000<\/p>\n
X-EMLSPAM: 0<\/p>\n
X-EMLSPAM-SCORE: -100<\/p>\n
Dear E-Mail User<\/p>\n
Due to the package compromise of 1.4.11,1.4.12 and 1.4.13, we are<\/p>\n
forced to release 1.4.15 to ensure no confusions. While initial review<\/p>\n
didn’t uncover a need for concern, several proof of concepts show that<\/p>\n
the package alterations introduce a high risk security issue, allowing<\/p>\n
remote inclusion of files. These changes would allow a remote user the<\/p>\n
ability to execute exploit code on a victim machine, without any user<\/p>\n
interaction on the victim’s server. This could grant the attacker the<\/p>\n
ability to deploy further code on the victim’s server.<\/p>\n
So upgrade to Squirrel Mail Development Team by<\/p>\n
click Squirrel Mail Login SquirrelMail 1.4.15 Released<\/p>\n
We STRONGLY advise all users of 1.4.11, 1.4.12 and 1.4.13 upgrade<\/p>\n
immediately.<\/p>\n
**************************************************************<\/p>\n
The link “hxxp:\/\/www.d[xxxxxxxx]n.org\/themes\/ThemeDesign-Caspian\/images\/squire.php” inside the above email was responsible for executing suspicious java script as shown below:<\/p>\n
<\/p>\n
![\"\"](\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/35.JPG\")
<\/p>\n
We found it was further diverting users to a malicious domain – “hxxp:\/\/www.[xxxxx].fr\/ext\/”.<\/p>\n
Users should not respond or click on any link inside such mails as they may lead to downloading of Trojans from arbitrary websites.<\/p>\n","protected":false},"excerpt":{"rendered":"
Today we received the following email: ************************************************************** From: “Squirrel Mail Development Team” Subject: UPDATE YOUR E-MAIL SECURITY IMMEDIATELY (IUEU) Date: Thu, 1 Sep 2011 19:14:23 +0700 X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-EMLSPAM: 0 X-EMLSPAM-SCORE: -100 Dear E-Mail User Due to the package compromise of 1.4.11,1.4.12 and 1.4.13, we are forced to release 1.4.15 to ensure […]<\/p>\n","protected":false},"author":26,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,24],"tags":[22,23,47,40],"class_list":["post-72489","post","type-post","status-publish","format-standard","hentry","category-email","category-malware","tag-email-malware","tag-fraudulent-email","tag-security","tag-trojan"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72489"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=72489"}],"version-history":[{"count":0,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72489\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=72489"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=72489"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=72489"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}