SophosLabs has intercepted a widespread malicious spam campaign that claims there was a powerful explosion at a nuclear power station outside London two days ago.
You don’t hear about it in the newspapers? Quelle surprise. According to the email, the government have stopped the media reporting about the incident and prevented anyone affected by it contacting the outside world.
According to the email, news of the incident has leaked out onto internet message boards and if you click on the attachment (called victims.zip) then you’ll be able to see images of the devastation left by the explosion and pictures of victims’ bodies.
Of course, this is all nonsense.
In fact, clicking on the attachment will not open any pictures of the supposed explosion but will instead run a Trojan horse detected by Sophos at Troj/Agent-HQE, which will drop itself as oembios.exe in the System directory on your Windows PC. Once installed, the hackers can use the malware to spy on the victim’s computer and steal information for financial gain.
Rather than use a real life event, the hackers have turned to fictional explosions and conspiracy theories in the hope they will strike a nerve with potential victims who will then click on the attachment without a second thought.
All computer users need to show some common sense and delete these messages. It would be some media conspiracy to cover up such a large explosion for two days! Alarm bells should be sounding, but until everyone wakes up to these social engineering tactics, the cybercriminals will continue to use them.
As always, it’s a good idea to ensure that all of your computers are defended with up-to-date anti-virus protection, and that your company runs a consolidated solution at the email gateway to defend against these kind of spam and virus attacks.