Beware 'Your log 05.07.2010' emails - they carry malware

by Graham Cluley on July 8, 2010 | Leave a comment

Filed Under: Malware, Spam

Malicious hackers are spamming out emails around the world disguised as a changelog, with the intention of infecting recipient's Windows computers with the attachment.

Malicious email message

A typical email reads as follows, although there can be minor variations in the message body:

Subject: Your log 05.07.2010

Message body:
Dear Customers,
as promised your changelog is attached,
<name>

Attached file: Changelog_05_07_2010.zip

The emails, by the way, are always signed off by the first name of the person who is mentioned in the message's from: field. That field is, of course, forged - it's not really that person who sent you the email so don't blame them if you get infected!

Clearly the attachment's filename has been chosen to make the email seem more timely, and the hackers are banking on users who receive the message being inquisitive enough to open the file to see what it is regarding. Once again, that would be a bad decision - don't forget that curiousity killed the cat.

Sophos proactively detects the attached Changelog_05_07_2010.zip file as Mal/BredoZp-B.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can email Graham, subscribe to his updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.