Home Spam Mal/Dropper-PQ Infection Discovered in Spam Email Scam

Mal/Dropper-PQ Infection Discovered in Spam Email Scam

Posted: August 11, 2009

A horribly written spam e-mail was discovered by Sophos, a developer and vendor of security software and hardware, early Sunday morning.

With a newly discovered spam messages including a dangerous malware infection, identified as Mal/Dropper-PQ, came the following proposition:

Dear Sir
I am able to complete the funds transfer late night
$1,850 was sent via western union with MTCN VALUE 754 061 9934
Copies of the payment is being attached and sent to the attorney
I anticipate further correspondent as regards
Peter

Upon receiving such an e-mail, you will most likely first notice the poor grammar and spelling, but on closer inspection you may discover that this message has also come with an attachment named "WU Money Sent.exe."

Now I'm certain we can all agree that typically we might delete such an e-mail message almost immediately and go about our lives, but for those of you that are perhaps too perplexed, scared or tired enough to actually execute the attached file, you will be greeted with this notification:

Bar. Mate
Here is the final transfer of $3,000
$1,850 was sent via western union with MTCN VALUE 035 461 7793
Copies of the payment is being attached and sent to the governor
I anticipate further correspondent as regards
Peter

While this is nothing more threatening than a text file, the real danger comes with the self-extracting .rar file, named Mal/Dropper-PQ, running malware designed to terminate specific antivirus programs and secretly install a keylogger that will record your keystrokes and then transmit this information to a remote server.
This will no doubt lead to identity theft and the loss of your well-earned money, which by this time will be transferred from your account and into the scheming hands of the hacker who infected your computer.

Loading...