Analysis by: Chloe Ordonia

Spammers are known to abuse significant world news for their malicious schemes. Similar spam campaigns include the death of Apple's Steve Jobs and Libyan leader Muammar Gadhafi. This time, however, cybercriminals are taking advantage of Kim Jong-Il's death to spread malware via malicious messages.

Trend Micro received of these messages with email subjects mentioning the death of the said North Korean leader. The messages arrive with a .PDF attachment that has the file name brief_introduction_of_kim-jong-il.pdf.pdf. The said file is verified and is detected as TROJ_PIDIEF.EGQ.

The death of a globally known personalities has become a staple in cybercrime.Such news generate global interest in a very short amount of time, so they make very good social engineering lures. Users are advised to stick to trusted sites when trying to get more information about noteworthy events. As a rule, users must refrain from opening any attachments coming from unknown sources and delete such messages from their inbox.

 SPAM BLOCKING DATE / TIME: December 20, 2011 GMT-8
  • ENGINE:6.8
  • PATTERN:8596