Firstly, Merry Christmas to all our readers!
Unfortunately, Christmas doesn't mean that the malicious activities in cyberspace is going to stop, hence this posting.
Today we received a message that claims to have come from one of the Google Groups.
The message looked like this:
Following the link, a page that apparently serves video contents showed up. It then popped up a message asking for a plugin upgrade.
starting to sound familiar?
It also insists the plugin be installed by means of never ending popup windows.
When the "OK" button is clicked, a file is downloaded to the machine which is detected by Sophos as Mal/TDSSPack-Q.
This is a typical case of malware posing as plugins required for playing videos.