Flash, Christmas and the new year

We see spam all the time. One of the most dependable things spammers do is to try and exploit various newsworthy events and holidays.

Recently, we have seen spammers spreading malware using a combination of either or both flash updates and christmas scams.

Add one more to that list.

Take for example, a spam we received today. The following email wishes the recipient a Merry Christmas and a Happy New Year, and then displays the following screen in an attempt to entice the user to click on the message.


Upon clicking “Play”, a script runs on the remote website which then displays a fake error message as shown below.

Since the user obviously has the wrong and outdated flash plugin, and needs the “latest version” to view this video, we are asked to update.

 Clicking on the “download” button attempts to download the alleged Flash update. 

This file is malicious and is detected as Troj/Dropr-CL.

As always, please disregard all emails which do not come from a known source, more so those that ask you to download stuff.

Have a great year.