Another Hawkeye keylogger attempt that has problems with the delivery system. The email pretends to be a purchase order from a company called Bath Trends, who might or might not actually exist. It pretends to come from a Gmail address. It is supposed to have an exploit laden RTF file as the attachment, probably supposed to be named PO-67545.doc but the apprentice Skiddie sending the emails forgot to give a file extension. It was received as PO-67545 but because it is an application/octet-stream, Windows or at any rate Outlook adds a .dat extension. For any victim to be infected by … Continue reading →