Madonna video leads to malware hanky panky

Filed Under: Malware, Spam

Take a bow material girl Madonna! She may have just celebrated her fiftieth birthday, but Madonna can still hold her own against young Hollywood upstarts like bad girl Britney Spears, Paris Hilton and Lindsay Lohan by causing a commotion in the malware charts.

This latest campaign bears all the hallmarks of previous attacks that have over and over again posed as breaking news reports from MSNBC, or scandalous erotic movies of female celebrities.

The emails, arriving in users' inboxes around the world, claim to contain a link to a XXX-rated video of the pop superstar.

But don't click on the link (which points to a file called madonna.avi.exe) as it will lead you to piece of malware detected by Sophos as the Troj/FakeVir-EW Trojan horse. You will live to tell the tale for now if you have good anti-virus software in place, but your computer may die another day if you don't take more care in future.

Troj/FakeVir-EW has to be the latest example of the vogue for criminal gangs to try and scare innocent computer users into making unwise purchases after displaying bogus security warnings. This is something to remember next time a beautiful stranger appears to send you a link to an apparent erotica video. Don't tell me that the hackers won't try this trick again - sooner or later we'll see a similar scam, and you'll be sorry if you click before you think.

Competition time!
PS. I've 'hidden' some Madonna song titles in this blog entry. The first person to find them all and email me the answers will win a fabulous and very exclusive Sophos t-shirt as a prize. :)

Competition results: Sorry - but the competition is now closed. Find out the full list of Madonna song titles, and discover if you were the winner!

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.