Macbook Air prize spam delivers malware

A good rule of thumb when it comes to unsolicited email offers or announcements should be: If it’s too good to be true, it probably is. Add to this grammatical and/or spelling mistakes, and you can be pretty sure it’s an email you should delete without a second thought.

Trend Labs experts have analyzed the spam email with the simple subject line of “Congratulations”, which contains the equally simple message: “Congratulations! You have won todays Macbook Air. Please open attached file and see details.”

The attached winner.zip file contains TROJ_AGENT.AWYQ, malware that upon execution installs TROJ_CUTWAIL.GO, a malware variant that downloads a spam module that effectively recruits your computer into the Cutwail/Pushdo spam botnet.

It also downloads and installs various other malware, and connects to Yahoo!, Gmail and Hotmail mail servers and sends copies of the malware.




Share this