Home / mailings Malicious Code / Malicious Website: Information stealing code disguised as "videos"
Posted on 21 February 2008
Websense Security LabWebsense Security Labs(TM) has discovered a run of spam emails that attempt to dupe users into downloading and installing a video of the solar eclipse. We have also seen similar blocks of spam purporting to contain videos of movie stars, singers, and other entertainers.
Sample subject lines include:
Lunar Eclipse Video
Your guide to the total lunar eclipse.
Shocking video with Total moon eclipse
Total Moon Eclipse Video on NASA TV
Moon Eclipse is visible today
If users access any of the various Web sites hosting the malicious code, and attempt to view the video, they are infected with an information-stealing Trojan Horse. There is no exploit code hosted on the sites. Users are prompted to confirm that they want to run the code.
For additional details and information on how to detect and prevent this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=842