Trend Micro – Michael Jackson Video Proliferates Malware

Security firm 'Trend Micro' has said that after the death of Michael Jackson on June 25, 2009, it spotted an e-mail written in the Spanish language and was claiming to have come from CNN Mexico, as reported by virusdb.info on June 30, 2009.

The closer examination of the e-mail revealed that it contained accurate information about Michael Jackson, making it more authentic and legitimate to attract users and encourage them to click on links embedded in the message.

However, the e-mail ID from where it came was info@hi5.com, an invalid and spammed e-mail address. Hence, the e-mail was spam and confirmed its illegitimacy.

Moreover, the spam e-mail had a suspicious looking link that referred to an exclusive CNN video of the event. Other links inside the e-mails were bogus and didn't take the user to the right website, except one which showed the title - 'found in the TMZ website' and took the user to a website where the supposed video was hosted. As soon as the user clicked on the embedded link, he was redirected to a malicious website with URL - http://{BLOCKED}.com/openbb/avatars/imagen/CNN/indexx.php.

Trend Micro has dubbed the threat in the abovementioned web page as HTML_DLOADR.ARM.

The security company has highlighted the fact that the website claiming to contain a video of Michael Jackson doesn't have anything except black background and a text message which says that the video could not be played as the Flash Player installed in the system is not synchronized to the video.

The message box has three options - 'Save', 'Run' and 'Cancel'. If the user clicks on any of the three options, the download process of a malicious file (called flash-installer-windows.exe) begins. The file is said to be the right version of Flash Player needed to run the exclusive video.

Trend Micro has given a new name to this malicious file - BKDR_IRCBOT.BW.

Security experts have pointed to an interesting feature of the attack - if the user presses cancel option, then it will not let him quit the website but a malevolent file starts to download. They also tell that the site will continue to download the malicious file on systems without sparing the users.

Hence, security experts have asked online users to be careful while searching news or any video of Michael Jackson online.

Related article: Trend Micro Detects Spam Mail Declaring World War III

» SPAMfighter News - 13-07-2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next