A new wave of malicious spam makes promises of a free MacBook Air but delivers malware instead. The spam messages were only recently detected and arrived with the subject line “Congratulations!” The body of the message reads “Congratulations! You have won todays Macbook Air. Please open attached file and see details.”

The file is an .exe file that installs malware on to the system. The malware has been identified as TROJ_AGENT.AWYQ.  Once installed it drops TROJ_CUTWAIL.GO, which adds the infected computer to the Cutwail/Pusdo botnet. A spam module is downloaded along with one or more “Campaign modules” which contain third party malware from a number of different sources. It’s also programmed to connect to web based email providers it detects the the infected computer has logged into like Hotmail, Yahoo! and GMail and send out copies of itself.

Cutwail/Pushdo is one of the largest botnets in the world, sending out millions of spam messages a day.