McDonalds Malware Bundled With the Free Breakfast

mcdonaldsWe all love McDonalds simply because it just never stop giving us promotions and free stuff. You can print the voucher for redemption via facebook, newspaper, or magazine. But did McDonalds ever give any free stuff via email? What would you react when you received an email from Mcdonalds inviting you to a free breakfast and require you to print out some invitation card attached to the email. Would you open the file and print that out? Below is a piece from Naked Security on this news.

I don’t know if you’re the sort of person who wakes up in the morning, and the first thing you long for is a McDonalds’ breakfast – but if you are, you might just be exactly what malware authors are looking for.

Researchers at SophosLabs have seen a malicious email that has been spammed out across the world in the last couple of days pretending to come from McDonalds.

The email claims that the fast-food giant is offering free breakfasts in each and every of their many thousands of restaurants around the globe. Chances are that there are many people who would love the prospect of munching on a McDonalds first thing in the morning.


Part of the email reads as follows:

McDonalds invites you to The Free Breakfast Day which will take place on 26 June, 2011, in every cafe of ours.

Free Day’s menu!
- Ranch Snack Wrap (Crispy)
- Chicken Selects Premium Breast Strips
- Premium Caesar Salad with Grilled Chicken
- Strawberry Triple Thick Shake
- McCafe Hot Chocolate

Print the invitation card attached to the letter and show it at the cash desk of any of our restaurants.

But beware! There is no such thing as a free lunch.. breakfast.

The attached file is, of course, malicious. Sophos detects the ZIP file asTroj/BredoZp-DV and the Invitation_Card.exe file contained within as theTroj/Bredo-HU Trojan horse.

In an attempt to fool computer users into believing the file is safe, the EXE file has a Word icon.

Don’t forget – you should always be suspicious of unsolicited attachments sent to you via email!


It is strange though McDonalds is not any bank or finance company around. However, the plan of infecting McDonalds users is to plant a Trojan into the user’s computer and then only start attacking when the user starts browsing banking websites and making transactions. In the 20th century, I can say 70% of the McDonalds perform internet banking and it is worth planting a Trojan into their computer.

Build Your Own Security
Subscribe to my newsletter and get a copy of my eBook for free.
We hate spam just as much as you

Related posts:

  1. TrueCrypt: Protecting Data The Free Way
  2. Is It a Malware?
  3. Malwarebytes Anti-Malware Review
About Alan Tay

This blog is owned and operated by myMediaInc. My Media operates content based online portals for IT professionals, technology managers and decision makers as well as business leaders. We publish original quality content focused in Software Development, IT Security, SaaS, Cloud Computing, Outsourcing, Project Management and Mobile and Wireless. Our mission is to explore how to help you optimize your resources in each of these areas.

Find us here IT Security Column.

Speak Your Mind


CommentLuv badge

This blog uses premium CommentLuv which allows you to put your keywords with your name if you have had 3 approved comments. Use your real name and then @ your keywords (maximum of 3)