“This one begins as a very simple plain text email pretending to be an email-delivered fax as seen below. I’d like to point out that in an effort to evade filters or at least make blocking these a bit harder, the cyber thief has been utilizing DropBox links to give to potential victims. Much like many campaigns in the past, other virus campaigns have attempted to utilize legitimate, especially free, services to hide their malware. GoogleDocs was a favorite of spammers to peddle their pharma campaigns, but Google was usually pretty quick to clean those up. In this instance it would appear that DropBox does not scan their stored files for malware and CryptoLocker is taking full advantage of this. Hopefully they can join us in the fight very soon.”
The CryptoLocker vulnerability is alive and well and has been detected by my favorite security filtering service, AppRiver.
Their post details the message and the means it uses to hide the malware.
Thanks to AppRiver.
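A mail-filter heuristic for the lure described in the AppRiver excerpt, added here as an example and not AppRiver's or this post's own code: it flags a plain-text message that uses fax wording and links to a file-sharing host, matching on the parsed hostname rather than a substring. The keyword pattern, the host list and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Assumptions for illustration: the lure wording and the watched hosts.
FAX_LURE = re.compile(r"\b(e-?fax|fax(ed)?|facsimile)\b", re.I)
SHARING_HOSTS = {"dropbox.com", "dropboxusercontent.com"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def sharing_links(text):
    """Return URLs whose host is, or is a subdomain of, a watched host."""
    hits = []
    for url in URL_RE.findall(text):
        host = (urlsplit(url).hostname or "").lower()
        if any(host == h or host.endswith("." + h) for h in SHARING_HOSTS):
            hits.append(url)
    return hits

def is_fax_lure(raw):
    """True for a plain-text mail that poses as a fax and links to file sharing."""
    msg = message_from_string(raw)
    if msg.is_multipart() or msg.get_content_type() != "text/plain":
        return False  # narrowed to the plain-text case the post describes
    charset = msg.get_content_charset() or "utf-8"
    body = msg.get_payload(decode=True).decode(charset, "replace")
    lure = FAX_LURE.search(msg.get("Subject", "")) or FAX_LURE.search(body)
    return bool(lure and sharing_links(body))

# Constructed sample messages (not taken from the campaign).
LURE = ("From: fax@example.org\nSubject: New fax received\n\n"
        "You have a new fax. View it here:\n"
        "https://www.dropbox.com/s/EXAMPLE/fax_document.zip\n")
SHARE = ("From: colleague@example.org\nSubject: Slides\n\n"
         "Deck is at https://www.dropbox.com/s/EXAMPLE/slides.pdf\n")
NO_LINK = ("From: scanner@example.org\nSubject: Fax confirmation\n\n"
           "Your fax to 555-0100 was sent.\n")

if __name__ == "__main__":
    for name, raw in [("lure", LURE), ("share", SHARE), ("no_link", NO_LINK)]:
        print(name, is_fax_lure(raw))
```

Requiring both signals keeps ordinary file-sharing mail and link-free fax notifications from being flagged; a message that matches is a candidate for quarantine or link rewriting, not proof of malware.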