Malicious image spam entices users with soft porn

Share this article:

Hackers are taking advantage of image spam techniques and lusty minds to spread a new Trojan horse, experts at SophosLabs warned today.

A new spate of email messages are being sent to Australian users claiming to be from a woman visiting the country looking for a sex partner. Similar to most run-of-the-mill image spams the message contains no text, with the message completely embedded within an image. The missive embedded within the image entices users to visit a website to view her picture.

The referred website contains a soft porn image and Trojan horse payload containing Troj/Dloadr-AMA.

"This malware attack is particularly interesting because it borrows techniques commonly used by spammers," said Graham Cluley, senior technology consultant at Sophos. "The image in the email contains random noise to sidestep signature-based detection - a technique normally seen in medical or stock spam campaigns. Also, the subject matter is similar to 'pretty girl' spam campaigns that we see - but normally they send text spam rather than image spam, and urge the recipient to reply via email rather than visit a website."

According to IT security researchers at numerous companies, image spam has more than doubled in the past several months.

Share this article:

Sign up to our newsletters

More in News

Instagram iOS and Android apps vulnerable to session hijacking

Two researchers wrote about the Instagram app for iOS and Android is vulnerable to session hijacking because both send unsecured information through HTTP.

Report: Hackers stole data from Israeli defense firms

A report by Brian Krebs detailed the intrusions, which occurred between Oct. 2011 and Aug. 2012.

Neverquest trojan targets regional banks in Japan

Symantec researchers found a new variant of the banking trojan.