14 DAY TRIAL // Security researchers from Sophos have identified a malware distribution campaign which produces emails targeting English speakers that celebrate Bastille Day.
Bastille Day is the National Day of France and is celebrated on July 14. It commemorates the storming of the Bastille fortress-prison by French revolutionaries on July 14 1789 and signifies the fight against monarchy.
Aside from the widespread celebrations held in France, Bastille Day is also observed by French communities abroad and it this this last category of people that cyber criminals are targeting with this malware campaign.
The rogue emails bear a subject of "Bastille Day" and instruct recipients to open an attachment detailing activities prepared for the day.
Called BastilleDay.rar, the attached archive contains a short-BASTIL_1.SCR file. "Opening the SCR file (which Sophos detects as Troj/Mdrop-DPB) drops another file called WindowsUpdate.exe onto your computer," the Sophos researchers warn.
In addition to WindowsUpdate.exe, which is a trojan detected as Troj/Agent-SNH, a harmless text file containing actual information about the Bastille Day Festival is opened in Notepad.
This file is intended to distract users from the malicious activity happening in the background. "The festival features live music all day long, with an evening headliner act of 'Le Jazz' with the Patrick Lamb Band as well as performances by the Portland Ballet and Portland Opera," it reads.
This suggests the emails are targeting the French community from Portland, Oregon. "Whether you're a Francophile or not, don't let malware rain on your parade. Always be suspicious of unsolicited email attachments that are emailed to you out of the blue, and ensure that you have defences in place to protect against the threats of malware and spam," warns Graham Cluley, a senior technology consultant at Sophos.