Malware Posing as Postal Tracking E-Mail

A new type of subject line for an old virus: this new method has people opening malicious messages.

The Bredolab Trojan, a virus sent out via the Cutwail (Pandex) botnet, has recently seen a dramatic rise in volume. The Trojan now reaches e-mail inboxes by posing as a purchase receipt for an online order. The subject line refers to an order's postal tracking number, and the message contains a zip file attachment that, once opened, installs the virus on the computer. The virus attempts to disable host-based security and then facilitates the download of other malicious content. The virus is unlikely to be detected, and its controllers will have complete access to the infected machine, allowing them to install other malware and spyware.

Currently, zip files are the most common type of malicious file attachment, owing to the large scale of this latest threat. Zip files are a common file format and have often been used for sending malware in the past. There is no indication that a zip file attachment represents an increased likelihood of a file being malicious; however, most businesses are unlikely to use zip files as part of their typical e-mail correspondence.
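A mail-gateway check for the lure described above (a tracking-number subject combined with a zip attachment), added here as an example and not taken from the article or from MessageLabs. The subject regex, the executable-extension list, the verdict names and the sample messages are assumptions constructed for illustration.

```python
import io, re, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed heuristics (not from the article): subject regex and extension list.
TRACKING = re.compile(r"tracking\b.*?\b(?=[A-Z0-9]*\d)[A-Z0-9]{6,}\b", re.I)
EXEC_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")

def zip_findings(data):
    """List risky entries by name only; the archive is never extracted."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return ["unparseable zip"]
    return [f"executable in zip: {n}" for n in names if n.lower().endswith(EXEC_EXT)]

def assess(raw):
    """Return (verdict, reasons) for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(".zip") or part.get_content_type() == "application/zip":
            reasons.append(f"zip attachment: {name}")
            reasons += zip_findings(part.get_payload(decode=True) or b"")
    lure = bool(TRACKING.search(str(msg["Subject"] or "")))
    if lure and reasons:
        return "quarantine", ["tracking-number subject"] + reasons
    # A zip alone is not proof of malice, so it is held for review instead.
    return ("review" if reasons else "deliver"), reasons

def build_sample(subject, members):
    """Constructed test message; members maps zip entry name -> content."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", subject
    msg.set_content("Your order receipt is attached.")
    if members:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            for name, body in members.items():
                zf.writestr(name, body)
        msg.add_attachment(buf.getvalue(), maintype="application",
                           subtype="zip", filename="receipt.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    lure = build_sample("Postal Tracking Number 1Z999AA10123456784", {"receipt.exe": b"MZ"})
    print(assess(lure))
```

The check inspects archive entry names without extracting anything, so it is safe to run inline on a gateway; a zip with no tracking-number subject is only held for review, matching the point that a zip attachment by itself does not indicate malice.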

According to MessageLabs, spam originating from the Bredolab Trojan has steadily increased in recent months, reaching its highest level this month. It currently accounts for 3.5 percent of all spam and 5.6 percent of all malware intercepted each day. So far in October, approximately 3.6 billion Bredolab malware e-mails are likely to be in circulation worldwide each day.