Beware ‘Your log 05.07.2010’ emails – they carry malware

Malicious hackers are spamming out emails around the world disguised as a changelog, with the intention of infecting recipient’s Windows computers with the attachment.

Malicious email message

A typical email reads as follows, although there can be minor variations in the message body:

Subject: Your log 05.07.2010

Message body:
Dear Customers,
as promised your changelog is attached,

Attached file:

The emails, by the way, are always signed off by the first name of the person who is mentioned in the message’s from: field. That field is, of course, forged – it’s not really that person who sent you the email so don’t blame them if you get infected!

Clearly the attachment’s filename has been chosen to make the email seem more timely, and the hackers are banking on users who receive the message being inquisitive enough to open the file to see what it is regarding. Once again, that would be a bad decision – don’t forget that curiousity killed the cat.

Sophos proactively detects the attached file as Mal/BredoZp-B.