Malware Claiming to be from


Jonathan French

This morning we had a particularly large virus campaign come in. The messages were claiming to be from about an unprocessed payment. Attached to the message was a zipped piece of malware.

Sample Message


Over the past month we've been seeing around 1.5 to 2.5 million virus messages throughout the entire day. This morning, though, over the course of about 3 hours we have seen 6.2 million from a single virus campaign. There were a few other campaigns numbering in the tens of thousands during that time, but the fake malware certainly dwarfed any others. Although this campaign was large in volume and in numbers across all servers here, the attached malware matched a virus rule that had previously been in place on our system. That rule had the same 6.2 million matches this morning. Running a sample of the virus in shows only 16 of 54 antivirus companies are blocking this particular executable.