Pictures of a Japanese model trick users into opening malicious attachments

Aug 8, 2012 13:08 GMT  ·  By

The staff members of an unnamed defense contractor have been receiving spam emails which attempt to trick them into opening an attachment that allegedly holds adult pictures of a Japanese model, Sophos experts report.

Entitled “If you want [adult] picture,” the messages come with a .rar file that stores a number of adult photographs of the young lady, a document, and a screensaver.

While there’s nothing malicious about the pictures, the .scr file is actually a piece of malware identified as Mal/Behav-043.

The .doc file hides a Trojan known as Troj/DocDrop-AF which leverages a vulnerability in Windows Common Controls to push additional malicious elements onto the target device.

This particular security hole - CVE-2012-0158 – was patched by Microsoft back in April. However, many users fail to apply software updates on time, in some situations leaving their digital assets exposed for years on end.