[Rspamd-Users] Virus replies automatically

Rob Gunther redrob at gmail.com
Fri May 29 05:53:09 UTC 2020

I know this is not a new technique, but something we are seeing in the last
couple days.

There is a virus out there that is somehow accessing a user's email.  It
sends replies back to the sender with a password protected .zip file and a

Essentially, two people are having a conversation and the virus jumps in
and sends a message on its own.

The recipient has a high probability of opening the message because they
know the sender and are actually having a conversation.

I tested the virus with VirusTotal (sending them the .zip file) and of
course not a single AV scanner can scan the file because it is encrypted.

Smart virus, dumb users.  Who do you think is going to win here?

Anyone have a suggestion how to go about stopping this virus?

More information about the Users mailing list