Tech Shout!

After Valentine’s Day, the latest topic which malware perpetrators seem to catch on is the subject of US elections. The attacks have been witnessed in the midst of the US presidential primaries and eight days after “Super Tuesday” in which several states cast their votes for each party’s presidential candidate.

Security experts have discovered that attackers are using videos of candidates to lure internet users into downloading Trojan applications.

Senator and presidential candidate Hillary Clinton is the attraction for spreading the malicious file download, reported Symantec and McAfee.

Symantec cautioned users against an attack usually titled “Hillary Clinton Full Video!” which uses spam emails to propagate a malicious application. Users are deceived into believing that a video with Clinton speaking will appear, however what comes up is a file named ‘mpg.exe.’ This file then downloads another Trojan application which adversely affects the user’s system.

Dark Reading quoted Symantec researcher Kelly Conley stating, “Do not click the link, because this link does not take you to a video. This link downloads a suspect file, ‘mpg.exe,’ which is a Trojan downloader. This downloader downloads a file, inst241.exe, which is detected as Trojan.Srizbi.”

On the other hand, experts at McAfee noticed a similar kind of attack which uses links hidden inside email messages. Like the fake email reported by Symantec, this email too claims to have a video of Clinton speaking, but in reality it redirects to a page hosted on Google ads. Subsequently, the page redirects to another site which tires to download and deploy a Trojan application.

Further McAfee added that the Clinton blogs resemble another set of attacks which claim to offer videos of pop stars Jennifer Lopez, Beyonce, and Britney Spears.

As always, users have been advised to be attentive, and to keep all the necessary anti-spam and anti-malware protections up-to-date.