Bogus Video on Shakira Accident Delivers Extremely Nasty Trojans
According to researchers from GFI Software the security company, a video that is thought to show Shakira a celebrated singer confronting an accident is actually cyber-criminals' ploy to disseminate one highly destructive Trojan.
The video, which is hosted on certain co.uk domain, isn't really any film clip rather it's a file folder that has an .exe element named Noticiascaracolvideoaccidenteshakirabarcelona.exe.
Elaborating this further, researchers from GFI Labs state that upon execution of this executable, the file begins to hunt for any debugger on the affected computer and incase it doesn't find one it downloads another malevolent element called windsyslogc.exe.
This second malware joins the registries of the contaminated PC to make sure it becomes active every time the system starts running.
Importantly, GFI has identified both the executables as Trojan.Win32.Generic!BT.
Quite often it has been found that celebrity names similar as Shakira become targets of cyber-crooks through Facebook scams, however, it appears that there's been little problem towards cashing in on them whenever the crooks wish to disseminate malicious software.
And as for Trojan.Win32.Generic!BT, it represents the group of generic Trojans while being extremely dangerous as it leverages stubborn scareware infection. Apparently, it creeps inside the machine, creates one backdoor with which several other malware items get downloaded as also aids in duping the victimized user.
Worryingly, it's because of the above kinds of malware scams, which caused the name of Shakira as getting perceived as a highly risky Internet celebrity. This statement receives the backing of McAfee, which released statistics during September 2012 within its yearly report of Internet celebrities posing the maximum threat, based on which Shakira was placed on No.7.
Meanwhile, it isn't just Shakira who's been cyber-criminals' celebrity target for spreading malware. On 14th January 2009, they injected one malevolent iFrame into parishilton.com the authorized site related to Paris Hilton that automatically made Web-surfers accessing it susceptible to banking Trojan or client-side security flaws, states Scan Safe another security company. On analyzing in detail, the website was found contaminated on January 8, 2009 making it the most recent lawful site whose obsolete software program utilization was responsible for its exploitation.
Related article: Bogus News Site Spreads Trojan
» SPAMfighter News - 22-10-2012