BANGALORE, INDIA: Websense Security Labs, a provider in security solutions for web-based threat, recently announced that its ThreatSeeker Network has discovered spam emails offering recipients links to unpublished videos and pictures of singer Michael Jackson.
The spam email appears to offer a link to a YouTube video, but instead sends the recipient to a Trojan Downloader hosted on a compromised Web site, said a press release.
The file offered is called Michael.Jackson.videos.scr.
This file is located on a legitimate Web site hosted in Australia belonging to a radio broadcasting station. Upon executing the file, a legitimate Web site is opened by the default browser in order to distract the user by presenting a news article for them to read.
In the background, three further information-stealing components are downloaded and installed by the malware. One of the downloaded files is called michael.gif, which has low AV detection rates.
The malware then installs a malicious BHO that is registered with this file, added the release.