Erin Andrews peephole video spreads malware


Hackers have created webpages claiming to contain the notorious Erin Andrews peephole video in their attempt to infect Mac and Windows computers.

Erin Andrews is a glamorous TV sports reporter on ESPN with many fans, so it's no surprise that when news broke that a voyeur had secretly filmed her through the peephole of her hotel room door, the internet was abuzz with sad sleazy men searching for the footage.


Lawyers working for Erin Andrews say that they will take legal action against anyone distributing the footage, which was taken without her knowledge or consent. That hasn't stopped scores of opportunists from setting up websites claiming to contain content regarding Erin Andrews, in the hope of driving traffic their way.

Of course, hackers are no slouches when it comes to taking advantage of a hot internet search trend, and although the real video has now been removed from YouTube, they have been quick to set up bogus webpages claiming to contain the video footage of Ms Andrews in her hotel room.

And - surprise surprise - if you visit those webpages you could be putting the security of your computer at real risk. For instance, in the video I have made I show how a website has been set up to look like a genuine CNN video page - but in fact, it tries to fool you into thinking that your browser's popup blocker has prevented the peephole video from playing and tries to make you download a malicious program.

LIVE VIDEO PLAYER BLOCKED
Your popup blocker has blocked access to the Video Player. To view your video, please launch the Live Video Player below.

It's not just this bogus CNN webpage though - there are lots more sites out there pretending to host the Erin Andrews peephole video, but really hosting malicious software.

If you visit from an Apple Mac we identify the malware as the OSX/Jahlav-C Trojan horse. Windows users are also at risk (I almost didn't need to say that, did I?). When we tested it on a Windows computer we saw it serving up Mal/EncPk-IF on some occasions, and at other times the rogue anti-virus product Mal/FakeAV-AY.

Unusually, it does actually play a segment of video (of an undressed woman seemingly in a hotel room; we're unable to confirm if it's Erin Andrews or not) after you click on the dangerous link. Of course, we strongly recommend that you do not visit the malicious site, or others which purport to host the controversial peephole video.

Here's my advice - if you want to look at naked women, buy yourself an adult magazine or get yourself a girlfriend. If you go searching for sleazy videos then don't be surprised if it's not just your mind that ends up corrupted, but your computer, too.

Regular readers of the Clu-blog will know that it's becoming more and more common for hackers to try and kill two birds with one stone - setting up malicious webpages that can determine if you are visiting from a Mac or PC, and serve up the right flavour of malware accordingly.
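For defenders, that behaviour leaves a trace in web proxy logs: one URL handing a Mac installer to Mac browsers and a Windows executable to Windows browsers. The following is an added example, not code from this post or from SophosLabs; the pipe-delimited log format, the hostnames and the content-type mapping are assumptions made up for illustration.

```python
from collections import defaultdict

# Constructed proxy log lines (not from the article): client|User-Agent|URL|Content-Type
SAMPLE_LOG = """\
10.0.0.5|Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_7)|http://video-news.example/player/get|application/x-apple-diskimage
10.0.0.9|Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)|http://video-news.example/player/get|application/x-msdownload
10.0.0.9|Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)|http://video-news.example/watch|text/html
10.0.0.7|Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_7)|http://updates.example/app.dmg|application/x-apple-diskimage
10.0.0.8|Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_7)|http://updates.example/app.dmg|application/x-apple-diskimage
"""

# Assumed mapping of installable content types to the platform they target.
PAYLOAD_PLATFORM = {
    "application/x-apple-diskimage": "mac",
    "application/x-msdownload": "windows",
}

def os_family(user_agent):
    """Classify the client OS from its User-Agent string."""
    ua = user_agent.lower()
    if "windows" in ua:
        return "windows"
    if "macintosh" in ua or "mac os x" in ua:
        return "mac"
    return "other"

def parse(log_text):
    """Yield (user_agent, url, content_type) per well-formed line; skip the rest."""
    for line in log_text.splitlines():
        parts = line.split("|")
        if len(parts) != 4:
            continue
        _client, ua, url, ctype = (p.strip() for p in parts)
        yield ua, url, ctype.split(";")[0].lower()

def os_tailored_downloads(log_text):
    """Return {url: {client_os: payload_platform}} for URLs whose payload type varies by client OS."""
    seen = defaultdict(dict)
    for ua, url, ctype in parse(log_text):
        platform = PAYLOAD_PLATFORM.get(ctype)
        if platform:
            seen[url][os_family(ua)] = platform
    return {url: d for url, d in seen.items() if len(set(d.values())) > 1}

if __name__ == "__main__":
    print(os_tailored_downloads(SAMPLE_LOG))
```

A URL that only ever serves one installer type, like the constructed `updates.example` entry, is not flagged; the signal is the same address tailoring its download to the visitor.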

In fact, Mac users may be especially vulnerable as so many of them seem to have such a laid back attitude to the virus problem. The Mac malware problem is, of course, much smaller than the Windows one - but that doesn't mean it's non-existent, and Apple fans would be wise to start taking security more seriously.

After all, Mac owners are just as likely to want to watch a video of a naked TV star as Windows users. And hackers are likely to carry on using risque videos to attract the unwary into a trap.

At least some of us will be safe - I, for instance, had never heard of Erin Andrews until this morning!


About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.