Graham Cluley’s blog

The start of a new week has brought some minor variations to the contract malware I warned you about on Friday.

The malicious messages that are being spammed out are pretending to be changes to a contract - some related to business activities with well known firms like Johnson & Johnson, Starbucks or Google, and others pretending to be connected with a retirement plan.

Here are a couple of examples:

The dangerous files attached to these emails in the samples we’re seeing in our traps are called contract.zip or New_Contract.zip. Sophos intercepts them as Troj/Invo-Zip.

If you use other vendors’ products, make sure that they are properly updated and capable of stopping these threats.

Posted on December 1st, 2008 by Graham Cluley, Sophos
Filed under: Malware, Spam

                                      

Related posts

• Contract of many disguises contains Trojan horse
• Activation Key malware morphs its disguise
• Spammed out personal account keys contain Trojan horse
• Email malware flying high
• “Hello kitten” - malware spammed out in sexy picture email