London nuclear explosion in malware spam campaign

A spam campaign claims there has been an explosion at a nuclear power station in the suburbs of London.

The malware attack message claims to contain images of victims from the explosion on 9 September.

The e-mails claim to contain images in an attachment called victims.zip.

Clicking on the attachment will not open any pictures of the supposed explosion but runs a Trojan horse detected by web security firm Sophos as Troj/Agent-HQE.

Download this free guide

3 key web security guidelines from FS-ISAC

We address the ongoing issues regarding web security for businesses relying on an online presence. Download this e-guide and discover how to identify and address overlooked web security vulnerabilities as well as why you should look at the full security development lifecycle to reduce web threats.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

• • I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

  Please check the box if you want to proceed.

• • I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

  Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

Once installed, the malware to spies on the victim's computer and allows hackers to steal financial information.

"Rather than use a real-life event, the hackers have turned to fictional explosions and conspiracy theories, in the hope they will strike a nerve with potential victims, who will then click on the attachment without a second thought," said Graham Cluley, senior technology consultant at Sophos.