Monday, June 29, 2009 2:00 PM cmosby

Michael Jackson Malware – F-Secure Weblog

<<< Monday, June 29, 2009  
 
Michael Jackson Malware Posted by Mikko @ 08:36 GMT | postCount('00001709'); Comments

There has been a couple of malware attacks that have tried to use the news coverage of the death of Michael Jackson as the lure to get people infected.

Last night we saw this one: a file called Michael-www.google.com.exe. This file was distributed through a site called photos-google.com and possibly also through photo-msn.org, facebook-photo.net and orkut-images.com. Do not visit these sites.

When executed, Michael-www.google.com.exe drops files called reptile.exe and winudp.exe. These are IRC bots with backdoor capability. The file also shows this fake error message:

michael jackson malware

We detect the dropper and the backdoors as Trojan.Win32.Buzus.bjyo.

Filed under: , ,

Comments

No Comments