Sophos Cloud Optix
Heads up folks! There’s a major new malware attack happening right now.
Email messages are being spammed out with a variety of lurid x-rated subject lines. Attached to the emails is a file called watch_video.zip, which contains malware that (at the time of writing) is not being detected by most anti-virus products.
Here’s an example of a typical email:
I’m reliably informed that Joyce Oliveira is a Brazilian porn star. I can’t comment on whether she is in the habit of forgetting to wear her underwear or not. Emails with other subject lines can have different message bodies, albeit all of a similar pornographic nature.
In my examinations so far, I’ve found all of the messages (regardless of different subject lines and message bodies) contain the phrase:
Open attached file to watch video
Sophos is now detecting the ZIP file as Mal/BredoZp-B and the file contained inside as Troj/Mdrop-CPC. Users of other products would be wise to contact their vendor to see if they have an update available.
So remember not to be tempted into opening a sexy video that is sent to you out of the blue. But you knew that already, right?