As we anticipated in our yesterday's diary, spammers are starting to exploit attention-grabbing headlines of recent celebrity deaths. Sophos described one such message, with the subject "Confidential===Michael Jackson", in their blog posting. Today we're starting to see reports of these messages directing viduals to websites that distribute malicious software. For example, Steve Basford emailed us a link to his blog posting, where he discusses a spammed fake news item invites the victim to download a "video" to download. The message said: "As redes de televisão americanas CBS e ABC também estão noticiando a morte do cantor, assim como a versão online do jornal New York Times e da revista Variety..." (See screen shot below.) The victim was asked to download the "video" file is named "Michael.Jackson.videos.scr" was actually a malicious program--a downloader that would start the infection chain. See the VirusTotal report.
Update: Websense is reporting that they are seeing this campaign as well in their blog posting, and offer a few additional details.
Liked this note? Tweet it! -- Lenny Lenny Zeltser - Security Consulting Lenny teaches malware analysis at SANS Institute. You're welcome to follow him on Twitter. You can also track new Internet Storm Center diaries by following ISC on Twitter.
|
Lenny 216 Posts Jun 26th 2009 |
Thread locked Subscribe |
Jun 26th 2009 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!