Malicious Software to Grieve over Whitney Houston’s Death
A video linked with a spam electronic mail, asserting pop singer Whitney Houston's last appearance in a night club of Los Angeles is spreading and downloads an executable binary, according to the news published on February 17, 2012 in a blog of security firm Symantec.
The post, which started off from Ireland and makes Portuguese readers its prey, contains the spiteful file hosted on a seized Japanese website. The subject of the mail is randomized by adding up arbitrary numbers at the subject field's end. A small number of subjects used by the spam mail are: Olha o Video da ultima aparicao publica de Whitney Houston em u ma Boate em Los Angeles. Clique no play para Reproducao (0 .17465), and Olha o Video da ultima aparicao publica de Whitney Houston em u ma Boate em Los Angeles. Clique no play para Reproducao (0 .06787).
Parallel assaults are being made on social networking sites like Facebook and Twitter where wall posts appear containing subject line like "I cried watching the video. RIP Whitney Houston". These come with a link to the made-up video. Clicking on the link takes the users to a page that further contains connection to the video. Nevertheless, this link only redirects victims to several pages until they reach the standard survey con website.
Symantec researchers see more malevolent spam, claiming to have video footage of Whitney Houston's funeral that was held recently in a church in New Jersey, circulating on the internet.
Researchers of other security firm Trend Micro have observed some malicious URLs making use of search string "amy winehouse death" in a blackhat SEO assault. Trend Micro threats researcher Marco Dela Vega says that these spiteful URLs led to malevolent software that took users to a false scanning page to panic them into downloading the malware. The nasty file is a FAKEAV binary sensed as TROJ_FAKEAV.CLS.
Symantec advises users to check authentic news websites to obtain updates, and not to open any post claiming video or news about Whitney Houston. The users should employ message security and antivirus solutions, and regularly update the security software that guards against online cons and viruses.
Related article: Malicious Scripts with Zero-byte Padding can Pass Undetected
» SPAMfighter News - 23-02-2012