‘Celebrity news’ still an active lure for malware

Over a past few weeks SophosLabs have been tracking the spamming of a link to malware. Thankfully the link destination appears to be down now but earlier in the week it was serving Troj/Exchan-Gen. The link was using Google redirection to try to fool users and make life difficult for anti-spam products.

SophosLabs issued protection for the malware and the spam. The subjects of the messages were:

Sensation.New Video - make haste to look!!!” or “Sensation.Video New - make haste to look!!!“.

An example message body, referring to the high profile inquest into the deaths of Dodi Al-Fayed and Princess Diana, is shown below:


Other message bodies referenced:

Bred Pitt marks a birthday!!!
Britney Spirs made a match!!!
CIA tortures prisoners!!!
Harry Potter was purchased by pentkhaus!!!
Hillari Clinton stood up for daughter!!!
Hollywood stars George Clooney!!!
"Jumper" is a fantastic film of producer Doug Liman - presentation!!!
Madonna reinvents herself as film director!!!
Michael Jakson glued up a person a plaster!!!
Mobile replacement of Blu-ray and HD DVD is created!!!
Pamela Anderson divorces in third times!!!
Princess Diana 'could have been killed by MI6' - conclusions of experts!!!
Secrets of Cambridge 'porn' library revealed!!!
The extramarital son of John Kennedy appeared in Canada!!!
The first photos of new-born son Agilery are published!!!
The first roller is presented to the film "Indiana Jons - 4"!!!
Two powerful earthquakes happened in the USA!!!

So long as a sufficient percentage of users are fooled by the social engineering, the use of ‘news’ stories to push malware looks like a continuing trend.