German net users targeted by Skype email malware attack

Filed Under: Malware, Spam

Beetle. Image from ShutterstockSophosLabs has intercepted a malware attack, hitting many German internet users today, disguised as an email from Skype.

The email, which has the subject line "Wir haben Ihre Bestellung geliefert" (Translation: We have delivered your order") has a ZIP file attached, which contains a Trojan horse.

The email claims that details of the order can be found in the attached file.

Here's what a typical example of the email looks like:


Inside the ZIP file, however, is a program called Die Einzelheiten Ihres Eiknkaufs.pdf.exe, obviously designed to use the "double-extension trick" to hoodwink unsuspecting users into believing it is a PDF rather than an executable file.

Sophos products are being updated to detect the malware, which has been identified as the Troj/Agent-ABCT Trojan horse.

Of course, the emails do not really come from Skype - and you can't feel anything but sympathy for the company which is having its brand tarnished in this way by cybercriminals.

All internet users must remember to always be suspicious of unsolicited emails, and to be wary of clicking on unknown attachments.

Scarab beetle image from Shutterstock.

, ,

You might like

4 Responses to German net users targeted by Skype email malware attack

  1. Peter Homann · 913 days ago

    Ich war verwundert über diese E-Mail und habe auch versucht den Anhang zu öffnen. Meine Norton AVPrigramm hat den Virus entdeckt und gelöscht..
    I hope you can read german

    • Google Translate is telling me that you received an email like this, and Norton AV correctly intercepted the attachment as malicious.

  2. Sven · 913 days ago

    Correct Graham. His Norton AV program discovered the virus and quarantined / deleted it prior to him being able to open the .pdf.exe file.


  3. Steven · 912 days ago

    Nice to know you discovered it too Norton AV discovered it some ago

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley