In the previous blog entry, we mentioned a new trend of spreading malicious code. And in the past few days, our system has constantly collected a lot of new malicious codes spread via emails which masquerade as from big names like Skype, Twitter and Facebook. According to scan result on Virus Total, these .html files have not been detected by many antivirus programs.
Virustotal scan result:
Even antivirus programs of established mail servers such as Gmail or Yahoo mail are bypassed.
Bypass Gmail’s AV
Bypass Yahoo mail’s AV
That is the reason why these malicious codes are widely spread in the past few days.
Le Minh Hung
Senior Security Researcher