According to ESET, a dangerous email titled “Important – To all Employee’s” is currently being sent around Ireland and contains an infected attachment.
“The email has been observed to come from an Irish email address and targets other Irish emails,” says ESET Ireland, with the email’s attachment ‘Document.zip’ the offending article.
When executed, this file contains a Document_2520.exe, which, if clicked, infects the victim’s computer “with malware that ESET detects as Win32/Kryptik.DJUM”.
“Win32/Kryptik is generic detection of malicious obfuscated code within files with PE32 (Portable Executable, 32-bit) format, which is most active in infecting computers in UK and Ireland.
“This particular one likely contains the Win32/TrojanDownloader.Waski, observed since 2013, which downloads a range of additional malware to an infected computer.”
ESET warns that, basically, once you’ve got one, “you’ll soon have many more…”
These infections rely on lazy users not paying attention and just clicking on things, which we’ve all done. So be careful not to click on any email with this subject line and/or attachment.
“ESET Ireland therefore recommends checking who any email is from, before opening any attachments, to make sure the content is legitimate. Executable files (.exe) should particularly ring alarm bells when received and should be checked by an antivirus scanner or just deleted, before they can deliver their malicious payload.”
Trojan email image, via Shutterstock