Bogus Changelog E-Mails Deliver Malicious Application

Researchers from security firm Sophos have discovered that a new spam scam pretends to be e-mails providing 'changelogs' on request. In reality, the attachment that's embedded on the spam mail carries the virus, BredoZp.

Typically, a malicious e-mail displays the header "Your log 05.07.2010." However, the text message can be slightly varied such as after wishing a good morning it tells the recipient that his requested changelog is there inside a given attachment.

Moreover, the signature in the e-mail every time shows the same person's first name whose e-mail id appears in the "From" space. Incidentally, that space is spoofed, as the real e-mail sender is somebody else and not the individual claimed in the "From" space. Notably, there's some social engineering involved that's an attempt to make the scam persuasive.

Additionally, the given attachment named "Changelog_05_07_2010.zip" carries malware that Sophos detected as Mal/BredoZp-B.

Said Senior Technology Consultant Graham Cluley at Sophos, clearly the scammers chose the filename of the attachment in such a way that the e-mail appeared a timely message. Over and above they relied on the e-mail recipients' curiosity in the attached file, enough to get them to view it. However, Cluley warned that it'd be wrong to open the file for reasons that were obvious. SoftPedia published this on July 8, 2010.

In the meantime, security researchers remarking about the problem stated that the spam mails were being distributed globally with the idea to contaminate recipients' Windows PC. That suggested that there was again a growing tendency of spammers to use e-mails for proliferating malware. The practice followed cyber-crime syndicates' specific preference for infected websites as well as BHSEO (Black Hat Search Engine Optimization) schemes of recent years.

In fact, a new study by Web and e-mail security provider AppRiver showed that more than 10% of spam mails caught during the last 6-months delivered malware of some sort. The firm further disclosed that the majority of e-mail borne malicious programs was Trojans.

Remarked the researchers, the discoveries weren't astonishing as with trojans considerable profits were possible to extract from illicit operations such as identity theft and bank fraud.

Related article: Bugs Swell In Browsers in 2006

» SPAMfighter News - 7/21/2010