E-mails Supposedly from McDonalds Drop Trojan

Investigators at BitDefender the security company state that they've detected scam e-mails that are arriving in mailboxes purportedly from the fast food chain, McDonald's.

These e-mails, whose senders' addresses are varied having the suffix @mcdonalds.com, invite the recipients for joining The Free Dinner Day scheduled for June 27, 2011 at any of the McDonald's outlets.

Further there's a menu listed in the rogue messages for the grand day of free food, BitDefender points out.

In addition, the security company says that there's an MS Word file attached in the e-mails which direct users for following it so they can avail the free food.

But, upon opening this attachment, a PC Trojan automatically gets installed on the user's system, suggesting that the file is poisoned. Evidently, in this particular fraud, the researchers identified that the malicious program getting disseminated is a Bredolab sample.

Moreover, BitDefender elaborates that Bredolab is actually an installer since once it's loaded, it starts pulling down more malicious programs onto the infected PC. At times such malicious programs represent fake anti-virus software. Besides, Bredolab is as well understood to pull down additional malware like Koobface, Zeus, Waledac, Rustock, Sirzbi etc. Notably, during November 2010, according to the company, experts partially dismantled Bredolab at the time the law enforcement in The Netherlands snatched control over the botnet's 143 C&C servers, nevertheless, it didn't fade away entirely.

The above observation by BitDefender has gained support from AppRiver, which in its June 2011 Threat Report states that 5 samples of the Bredolab Trojan were listed among the 20 most-prevalent e-threats during May 2011, wherein 4 samples occupied positions among the top 10.

And because the above kinds of scams are so malicious, BitDefender's experts outline certain security tips such as users mustn't view unsolicited e-mail attachments. Also, they must make sure that their AV application scrutinizes every e-mail attachment, which come through inbound e-mails.

Eventually, a malware scam hitting McDonald's fast food restaurant isn't something new. For, back during December 2008, PandaLabs reported one malware scam that whilst conveying New Year Greetings to McDonald's customers, installed the P2PShared.U PC virus on their machines.

Related article: E-Crime Reporting Format To Be Launched in July

» SPAMfighter News - 6/27/2011