Watch_video.zip malware attack

Filed Under: Malware, Spam

Heads up folks! There's a major new malware attack happening right now.

Email messages are being spammed out with a variety of lurid x-rated subject lines. Attached to the emails is a file called watch_video.zip, which contains malware that (at the time of writing) is not being detected by most anti-virus products.

Porn subject lines disguise watch_video.zip malware attack

Here's an example of a typical email:

Watch video malware attack email

I'm reliably informed that Joyce Oliveira is a Brazilian porn star. I can't comment on whether she is in the habit of forgetting to wear her underwear or not. Emails with other subject lines can have different message bodies, albeit all of a similar pornographic nature.

In my examinations so far, I've found all of the messages (regardless of different subject lines and message bodies) contain the phrase:

Open attached file to watch video

Sophos is now detecting the ZIP file as Mal/BredoZp-B and the file contained inside as Troj/Mdrop-CPC. Users of other products would be wise to contact their vendor to see if they have an update available.

So remember not to be tempted into opening a sexy video that is sent to you out of the blue. But you knew that already, right?

You might like

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley