Site Sponsor:

mcafee_logo.gif
line

Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.

« NIST Recommends Penetration Testing | Main | Data Breaches Jump in 2007 »

Bhutto Assassination Exploited for Spreading Malware

McAfee Avert Labs is reporting that malware distributors are not wasting any time capitalizing on the latest, widely publicized tragedy. Malware writers are pushing their Trojans by claiming they are a codec needed to run a purported video of the Bhutto assassination.

Claiming to be a New HD Codec, these malware authors attempt to social engineer users into believing they are downloading a legitimate codec for playing the video. At least 10 Blogger websites are observed to be hosting this fake video (at the time of writing this blog) which redirects the users to the typo-squatted domain containing fake codec.

The report also describes other drive-by exploits linked to the Bhutto assassination. Up to data AV software should detect these exploits.

Tags:        
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Dan Sullivan on December 28, 2007 11:02 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/577

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Latest White Papers

line

Blog Roll

line

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net