The staff members of an unnamed defense contractor have been receiving spam emails which attempt to trick them into opening an attachment that allegedly holds adult pictures of a Japanese model, Sophos experts report.
Entitled “If you want [adult] picture,” the messages come with a .rar file that stores a number of adult photographs of the young lady, a document, and a screensaver.
While there’s nothing malicious about the pictures, the .scr file is actually a piece of malware identified as Mal/Behav-043.
The .doc file hides a Trojan known as Troj/DocDrop-AF, which leverages a vulnerability in Windows Common Controls to push additional malicious elements onto the target device.
This particular security hole, CVE-2012-0158, was patched by Microsoft back in April. However, many users fail to apply software updates on time, in some situations leaving their digital assets exposed for years on end.