Adobe InDesign License Key malware attack spammed out

InDesign iconCriminal hackers have spammed out emails which pretend to contain a license key for the desktop publishing program Adobe InDesign.

Their intention? To infect your Windows computer with malware.

The emails pretend to come from Adobe, in a noxious campaign which bears many similarities to the fake Adobe Acrobat Reader updates spammed out yesterday.

A typical message looks like the following:

Sign up to our free newsletter.
Security news, advice, and tips.

Adobe InDesign malicious email

Subject: InDesign CS4 License Key

Attached file: License_key_ID[random number].zip

Message body:
Hello,

Your Adobe CS4 License key is in attached document below.
We encourage you to explore its new and enhanced capabilities with these helpful tips, tutorials, and eSeminars.
Thank you for buying Adobe InDesign CS4 software.

Adobe Systems Incorporated

Sophos detects the malware as the Troj/Bredo-MY Trojan horse.

Remember – computer security is not just about keeping your anti-virus software properly updated. It’s also about realising that companies are not in the habit of emailing you unsolicited attachments out of the blue.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.