Beware 'Your log 05.07.2010' emails - they carry malware

Filed Under: Malware, Spam

Malicious hackers are spamming out emails around the world disguised as a changelog, with the intention of infecting recipient's Windows computers with the attachment.

Malicious email message

A typical email reads as follows, although there can be minor variations in the message body:

Subject: Your log 05.07.2010

Message body:
Dear Customers,
as promised your changelog is attached,

Attached file:

The emails, by the way, are always signed off by the first name of the person who is mentioned in the message's from: field. That field is, of course, forged - it's not really that person who sent you the email so don't blame them if you get infected!

Clearly the attachment's filename has been chosen to make the email seem more timely, and the hackers are banking on users who receive the message being inquisitive enough to open the file to see what it is regarding. Once again, that would be a bad decision - don't forget that curiousity killed the cat.

Sophos proactively detects the attached file as Mal/BredoZp-B.

You might like

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley