Ransomware Warning: CDC Flu Warning Email

A new malspam campaign masquerading as the CDC is on its way to millions of inboxes. The emails are supposedly being sent from the Centers for Disease Control and Prevention (CDC) about a new flu pandemic. Each email carries a malicious attachment that, when opened, will install the GandCrab v5.2 Ransomware on the target’s computer.

These emails are being sent from email addresses that are impersonating the “Centers for Disease Control and Prevention” and have a subject line of “Flu pandemic warning”. These emails state that there is a flu pandemic and that recipients should read the attached document to help prevent its spreading.

The email specifically states:

"Presently, influenza activity is severely elevated. US Center for Disease Control and Prevention (CDC) estimates that during a last four months, the situation has deteriorated essentially: near 20 thousand diseased people were killed by the flu already, and more than 220,000 were urgently hospitalized.
Directions DOC

To stop spread of the disease and keep people from the flu, US Center for Disease Control and Prevention developed a directions list.
You could find DOC file with this list attached to the e-mail.

It is recommended to read it attentively and follow the directions to prevent the disease. With care of your health, CDC Communication Department"

The attached Word document is named “Flu pandemic warning.doc” and asks you to enable editing to view it.

If the content is enabled, the GandCrab v5.2 Ransomware will be installed and executed. Once this happens successfully, GandCrab will encrypt the files on the computer and append a random extension to each encrypted file’s name. You then receive your ransom note.

Be on the lookout for these emails as they have been sent to millions across the United States. Remember, never open an attachment you receive via email unless you confirm who it is sent from and that they meant to send it to you.
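The sender name, subject line and attachment name described above can be turned into a mail-filter check. The Python below is an added example, not part of the original advisory; the `cdc.gov` domain comparison, the function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

# Indicators quoted in the advisory above (compared case-insensitively).
DISPLAY_NAME = "centers for disease control and prevention"
SUBJECT = "flu pandemic warning"
ATTACHMENT = "flu pandemic warning.doc"
# Assumption, not stated in the advisory: genuine CDC mail is sent from cdc.gov.
LEGIT_DOMAIN = "cdc.gov"

def check_message(raw: bytes) -> list[str]:
    """Return the advisory indicators present in one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = []
    name, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    from_cdc = domain == LEGIT_DOMAIN or domain.endswith("." + LEGIT_DOMAIN)
    # The display name is free text chosen by the sender; only the domain
    # (ideally backed by SPF/DKIM/DMARC results) says where mail came from.
    if DISPLAY_NAME in name.lower() and not from_cdc:
        hits.append("cdc-name-from-other-domain")
    if SUBJECT in str(msg.get("Subject", "")).lower():
        hits.append("subject")
    for part in msg.iter_attachments():
        if (part.get_filename() or "").strip().lower() == ATTACHMENT:
            hits.append("attachment-name")
    return hits

def build_sample(sender: str, subject: str, attachment: str = "") -> bytes:
    """Build a constructed test message (not a captured sample)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "user@example.com", subject
    m.set_content("See the attached document.")
    if attachment:
        m.add_attachment(b"placeholder bytes", maintype="application",
                         subtype="msword", filename=attachment)
    return m.as_bytes()

if __name__ == "__main__":
    lure = build_sample(
        "Centers for Disease Control and Prevention <notice@mailer.example>",
        "Flu pandemic warning", "Flu pandemic warning.doc")
    print(check_message(lure))
```

Attachment names are easy for a sender to change, so the display-name and domain mismatch is the more durable of the three signals.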

If you are concerned that you have received this or any other malicious emails, please contact us. We can quickly run a scan to see if there are any issues with your network or if there are any threats detected.

