Nuclear email malware attack?

Graham Cluley
Graham Cluley
@[email protected]

SophosLabs has intercepted a widespread malicious spam campaign that claims there was a powerful explosion at a nuclear power station outside London two days ago.

You don’t hear about it in the newspapers? Quelle surprise. According to the email, the government have stopped the media reporting about the incident and prevented anyone affected by it contacting the outside world.

According to the email, news of the incident has leaked out onto internet message boards and if you click on the attachment (called then you’ll be able to see images of the devastation left by the explosion and pictures of victims’ bodies.

Of course, this is all nonsense.

In fact, clicking on the attachment will not open any pictures of the supposed explosion but will instead run a Trojan horse detected by Sophos at Troj/Agent-HQE, which will drop itself as oembios.exe in the System directory on your…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.