Wednesday, June 27, 2012

More "Bad Photo" Spam Hitting Inboxes, Inviting Users to Download Malware

Heads up, everyone! There’s another round of “bad photo” spam hitting inboxes.

This time the emails attempt to pique your curiosity by either warning that a “police investigation is under way now” or claiming that a set of revealing photos of your girlfriend has been leaked online.

Both emails encourage you to download an attached zip file named “Photo.zip.”

"Enjoy the Consequences" Spam



From: Kenny Kaps (KennyKapspery@gmail.com)
Subject: You can’t say I haven’t warned you, now enjoy the consequences.

Hello racer1164,

I got to admint your GF has a nice butt:) I just don't know how these photos leaked online. I don't think your GF in in adult business, isn't she?? anyway I received this picture from three of mine FB buddies today. It's in attachment

Police Investigation Underway Spam



From: Chastity Rodeigues
Subject: The police investigation is under way now. You’ll be really sorry about what you’ve done.

Hate to bother you brianhaugen26,
Why did you have to put these photos online? All the hell is gonna break loose now, don't you understant? Take them down immediately! Don't tell me you don't know what photos I'm talking about! Check attachment!

If you guessed that these file archives contained malware, you’re right. A VirusTotal scan of the file attachments found that they both harbored malware that Microsoft detects as Win32/Gamarue.I.

Microsoft’s analysis of Gamarue.I states that upon infection, the malware makes registry edits, connects to a remote server to download additional arbitrary files and copies itself to removable drives when the opportunity presents itself.

That being said, if you receive any email messages similar to the ones shown above (or ones we’ve previously written about), it is recommended that you:

  • Refrain from downloading or opening any attached files.

  • Delete the email immediately.
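For administrators who want to stop these messages before they reach a user, here is an added example (not from the original post) of a mail triage check in Python. It flags the “Photo.zip” attachment name reported above and lists archive members without extracting them. The extension list, the function names, and the idea that the archive holds a double-clickable file are assumptions, since the post does not say what is inside the zip.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed policy list, not from the article: file types that run on double-click.
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}

def triage(raw: bytes) -> list[str]:
    """Return reasons to quarantine a raw RFC 5322 message (empty list = pass)."""
    reasons = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip()
        if not name.lower().endswith(".zip"):
            continue
        if name.lower() == "photo.zip":  # attachment name reported in the article
            reasons.append("attachment name matches campaign: " + name)
        data = part.get_payload(decode=True) or b""
        try:
            # Only the archive directory is read; nothing is extracted or executed.
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    member = info.filename.lower()
                    if any(member.endswith(ext) for ext in RISKY_EXT):
                        reasons.append("zip member with executable extension: " + info.filename)
                    if info.flag_bits & 0x1:  # bit 0 = encrypted, so AV cannot scan it
                        reasons.append("encrypted zip member: " + info.filename)
        except zipfile.BadZipFile:
            reasons.append("attachment named .zip is not a readable archive: " + name)
    return reasons

def build_sample(member_name: str) -> bytes:
    """Constructed test message: a harmless zip attached as Photo.zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"constructed placeholder, not malware")
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("Check attachment!")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="Photo.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for reason in triage(build_sample("Photo.jpg.exe")):
        print(reason)
```

A non-empty result is a reason to quarantine the message for review; an empty result does not mean the attachment is safe.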

