Nuclear email malware attack?

Graham Cluley

SophosLabs has intercepted a widespread malicious spam campaign that claims there was a powerful explosion at a nuclear power station outside London two days ago.

You don’t hear about it in the newspapers? Quelle surprise. According to the email, the government have stopped the media reporting about the incident and prevented anyone affected by it contacting the outside world.

According to the email, news of the incident has leaked out onto internet message boards and if you click on the attachment (called victims.zip) then you’ll be able to see images of the devastation left by the explosion and pictures of victims’ bodies.

Of course, this is all nonsense.

In fact, clicking on the attachment will not open any pictures of the supposed explosion but will instead run a Trojan horse detected by Sophos as Troj/Agent-HQE, which will drop itself as oembios.exe in the System directory on your Windows PC. Once installed, the hackers can use the malware to spy on the victim’s computer and steal information for financial gain.

Rather than use a real life event, the hackers have turned to fictional explosions and conspiracy theories in the hope they will strike a nerve with potential victims who will then click on the attachment without a second thought.

All computer users need to show some common sense and delete these messages. It would be some media conspiracy to cover up such a large explosion for two days! Alarm bells should be sounding, but until everyone wakes up to these social engineering tactics, the cybercriminals will continue to use them.

As always, it’s a good idea to ensure that all of your computers are defended with up-to-date anti-virus protection, and that your company runs a consolidated solution at the email gateway to defend against these kinds of spam and virus attacks.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.
