You Are Under Surveillence
This morning we noticed an interesting malware campaign that had begun just after 5am. The emails claim to come from the FBI and deliver a warning that, even though they don't seem to know who they sent the email to as demonstrated by their "Dear Sir/Madam" salutation, they have been monitoring your internet activities. Apparently they have logged your IP address at more than 40 illegal websites. Attached to the email is a supposed questionnaire for recipients to respond to. It is entitled document.zip, and even though the file within the zip is an executable (.exe), it is wearing the costume of a .pdf icon. The file is not a questionnaire, but instead a malicious downloader from the Bredolab family. It's intent is to slip past your human defenses and create a permanent backdoor on your PC in order to further download malicious payloads such as keyloggers and spyware. Don't worry though, because AppRiver has your back. You may have seen this one in your Daily Held Spam Report as "X.W32.Kryptik.CTR.pak".