Michael Jackson email-aware worm hits inboxes

The attached malicious file
Since the death of pop icon Michael Jackson last week there has been an avalanche of scams and malware attacks exploiting interest in the contoversial figure.

Now we have encountered a mass-mailing worm that spams out messages with the following characteristics:

Subject: Remembering Michael Jackson
Attached file: Michael songs and pictures.zip

The email, which claims to come from [email protected], says that the attached ZIP file contains secret songs and photos of Michael Jackson.

Sign up to our free newsletter.
Security news, advice, and tips.

Michael Jackson email worm

However, the reality is that opening the attachment exposes you to infection – and if your computer is hit you will be spreading the worm onto other internet users. Besides spreading via email, the malware is also capable of spreading as an Autorun component on USB memory sticks (an increasingly common trend for malware as use of these devices has become more and more popular).

Sophos detects the malware proactively as Mal/ZipMal-B and Mal/VB-AD, and recommends that users of other anti-virus products ensure that their defences are properly updated.

In light of the huge interest in Jackson since his sudden death, there are likely to be many computer users who are tempted into opening the attachment.

Long time followers of the computer security scene will be aware that although there has been much cybercriminal activity following Michael Jackson’s death, he was not immune from having his name exploited by hackers when he was alive either.

For instance, in 2004 a Trojan horse was spammed out claiming to contain photographic evidence of Jackson abusing a young boy. The following year a malware campaign was spammed out claiming to contain breaking news that the music superstar had committed suicide.

And earlier this year, we exposed that scammers had managed to advertise their offers on Jackson’s official website promoting his (now cancelled) concerts at the O2 in London.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.