London 2012 Olympics Fake Spam Warning Leads to Malware

 Analysis by: Chloe Ordonia

Just as the 2012 London Olympics draws near, so do cybercriminals continue to exploit it for their social engineering attacks. This spammed email, discovered by Trend Micro researchers, is no different, claiming to be from the official London Olympics organization. The body of the message warns the recipient about bogus websites and organizations selling tickets for the major sporting event, and claims that the document it comes attached with contains information about the aforementioned fraudulent websites and entities. 


Should the user open the attached file, it drops a malicious file which it then executes on the user's system.


The attachment is detected as TROJ_ARTIEF.ZIGS, while the malicious file it drops and executes is detected as BKDR_AGENT.ZGS.


Even with the well-meaning message on this spammed email, users should always take care not to open file attachments from suspicious and unfamiliar entities.

 SPAM BLOCKING DATE / TIME: April 20, 2012 GMT-8
 TMASE INFO
  • ENGINE:6.8
  • PATTERN:8852