Malware from Rapidshare links

Malware coming in the form of e-mails is not unusual these days.

However, malware can also be found in links from blogs:

According to its name,  PC****ct.exe, it seems to suggest to people that these links provide some kind of anti-virus software. However,  the URLs lead you to an executable that then downloads various malicious files.

Sophos detects this file as Troj/FakeAle-OZ. This malware attempts to download from certain sites which seem to have been taken down (access to which is already blocked by Sophos’s web appliance).

Besides blogs, the malicious links also spread by emails.

The “To address” list of the e-mail suggests that the e-mail was sent by the malware running on a victim’s computer and using his/her address book.

So, please beware of malicious rapidshare links, which are not only posted on blogs but also sent to you by friends ;-).