The Latest in IT Security

When Cupid brings malware instead of love

11
Apr
2013

We have started to see in Germany a massive spam campaign that spreads malware in form of a classical “russian bride” spam.

russian-malware

Written in a more than questionable German language, the emails contains confusing sources. The From field mentions a name, the author of the email is another one and the contact email address in the email is a completely different one. Looks like the girl looking for a German husband has some kind of personality disorder. :)

Leaving the jokes aside, despite all these clear signs of fraud, the Russian girl sends a link to a file that is supposed to be a photo of herself .

url-russian

You did notice the filename photo.jpg_______.exe, right ?

This method of spreading malware using a double extension is as old as the malware business itself. It made us remember the old MS-DOS viruses that were having double extensions?

At the moment of writing this post only 7 antivirus software out of 46 included in the Virustotal.com website detected the file as malicious.

All Avira products detect the various files included in these emails as TR/Injector.EB.64 and TR/Cridex.EB.71.

We remind all our readers again: never click on links sent in spam emails and never execute files that you receive in emails or you download from suspicious sources.

Sorin Mustaca

IT Security Expert

Leave a reply


Categories

MONDAY, OCTOBER 21, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks