Photo.zip - Stolen nude photos and police investigations. Malware attack spammed out

Filed Under: Featured, Malware, Spam

Nude back. Image from ShutterstockCybercriminals are attempting to infect the computers of internet users, via a spammed-out email that has a malware-infected file attached.

Computer users are being warned to be wary of email messages which suggest they contain nude photographs of girlfriends, or claim that they have been reported to the police, as the attached file (Photo.zip) really contains a Trojan horse.

There are many different subject lines being used in the malware campaign, including:

  • These pictures should be taken down immediately.
  • You can't say I haven't warned you now enjoy the consequences.
  • The police investigation is under way now. You'll be really sorry about what you have done.
  • The criminal investigation agains you has started. Grave privacy violation is a serious thing.

Here are some examples of what the emails look like, each with a file called Photo.zip attached.

Email with malware attached

Subject: Lets put this behind us once and for all I know you broke into my email.

Message body: Hate to bother you <name>

I have a proof that you broke into my email and stole my private photos and financial information. It can be clearly seen in the files attached to this message. If you don't respond within 48 hours I will have to report you.

Email with malware attached

Subject: How can you be so cruel to me? I'll have to react and destroy you.

Message body: Hate to bother you <name>

This is quite crazy but someone sent me a nude picture of your girlfriend. Is seems to be her in attachent right? We'll have to track down the bastard who do it I can help you!

Email with malware attached

Subject: Your private photos are there for anyone to see. why??

Message body: Sorry to disturb you <name>
Someone sent me thee pictures they seem to be from you and your boyfriend I'm really troubled by this why do you send your private naked photos around?? this is beyound my understanding. It's in attachment

Email with malware attached

Subject: I can assure you you're in deep sh*t now over those photos. You know what I mean.

Message body: Hello there <name>

I got to admint your GF has a nice butt:) I just don't know how these photos leaked online. I don't think your GF in in adult business isn't she?? anyway I received this picture from three of mine FB buddies today. It's in attachment

Email with malware attached

Subject: You'll reap just what you sow! You'll be really sorry about what you've done to me.

Message body: Hello <name>
I always considered you to be my buddy but after that I'll have to try to destroy you. You ruined my life! Why did you have to put these photos online?? I reported you to the police check the attachment

Email with malware attached


Subject: This has the potential to ruin you completely.

Message body: Hate to bother you <name>
This is quite crazy but someone sent me a nude picture of your girlfriend. Is seems to be her in attachent right? We'll have to track down the bastard who did it I can help you!

You can just imagine how some folks would react if they received one of these emails. Many would probably open the attachment - either out of curiosity or concern - and could end up having their Windows computer infected as a result.

Sophos products identify the attached malware as Mal/EncPk-NS and Troj/Zbot-CCH.

Please remember to always be suspicious of unsolicited emails, and keep your security software updated.

Nude back image courtesy of Shutterstock.

,

You might like

8 Responses to Photo.zip - Stolen nude photos and police investigations. Malware attack spammed out

  1. dragonmasterjay · 852 days ago

    Wow! I imaging there would be better ways to scare email users, but I suppose this way works.

    • Jon Fukumoto · 852 days ago

      Just another social engineering trick. I noticed one of the subject lines that there was a spelling error, which is a dead giveaway.

  2. Mike · 851 days ago

    I'd react by sending back a reply with corrected grammar and spelling. What a bunch of morans.

    • Tom · 222 days ago

      What? Reply and let them know your email account is being used? I think not!!

  3. Leila · 851 days ago

    Wow, I was just browsing through my spam mail when I came across an email just like this.....

  4. School Tech · 850 days ago

    Considering school staff read these articles do you think it is appropriate for you to use images of half naked women in them? I'm sure the kids find it very amusing when they pop up on an IWB.

    • André · 838 days ago

      <sarcasm>Oh, think of all the harm it would do to poor children's souls if they see a woman's bare back! </sarcasm>

  5. Tricky spam, I have translated the summary and posted on my blog!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.