Security expert F-Secure has discovered several Christmas card malware that is doing the rounds of the internet throughout the world. The links that are set in an email are cloaked and point to a fake Yahoo greeting card website, run along with American Greetings.

The site asks the user to click the UPLS present in the message, after which a bogus website pops up with a request to download the new Adobe Flash Player version, which in reality is a malicious software known as “macromedia- flashplayerupdate.exe”

F-Secure detect this file as an Agent variant. It collects various types of information from the infected machine and sends it back to the malware author via a website.

Now the fake Christmas greeting card is joined by Happy New Year… .exe which is another spam to worry about this season.

Once a user runs the exe file, the malware drops a nice Christmas tree to the desktop, and Systray. The malware (detected as Trojan-PSW:W32/Delf.BBE), steals passwords and other assorted information, and sends it to lbss.3322.org.

According to Patrik Runald, senior security specialist of F-Secure Security Labs APAC, the popularity of e-cards furnishes fertile ground for malware authors. Spammers have a long tradition of trying to lure people with mush, e-cards, et al.