Michael Jackson suicide spam leads to Trojan horse.
However, when users click on the link they are token to a website which secretly installs malicious code onto their PCs. "If yon click on the link, the website displays a message saying it is too busy, which may not surprise people who think it might contain genuine breaking news about Michael Jackson," said Sophos.
"However, this is a diversionary tactic--because behind the scenes the website is downloading malware onto the user's computer without their knowledge." Sophos have analysed the code downloaded by clicking on the link, and determined that it attempts to download another Trojan horse which Sophos detects as Troj/Borobt-Gen.
Sophos notes that this is not the first time that the troubled pop star has been exploited by virus writers and hackers attempting to spread their malware. In October 2004, messages were posted on the internet claiming that incriminating home videos belonging to Jackson had been discovered--but clicking on the link infected web surfers with the Hackarmy Trojan horse.
Sophus recommends companies automatically update their corporate virus protection, and filter attachments which may contain malicious code at the email gateway with a consolidated solution to defend against viruses and spam. More information can be found at: www.sophos.com/virusinfo/analyses/ trojborobtgen.html
|Printer friendly Cite/link Email Feedback|
|Publication:||Database and Network Journal|
|Date:||Jun 1, 2005|
|Previous Article:||Evolutionary database design.|
|Next Article:||Latest Mytob worms use a new trick to fool users.|