Security vendors have been reporting a wave of Michael Jackson spam emails designed to disseminate a Zbot banking password variant.
According to the PC Tools Threatfire blog, emails with the subject line: 'Michael Jackson Was Killed...' have been found in the security company's user community.
Within the messages recipients read:
"But Who Killed Michael Jackson? Visit X-Files to see the answer: (hxxp://xfiles link here)"
The link then redirects to a site hosted at 87.97.116.131. This is hosted in an x-file-esque directory "x-files/x-file-mjacksonkiller.exe", not live at the time of writing.
When the PC Tools users visited the site, it hosted a malformed pdf and Zbot banking password stealing variant.
PC users are reminded to keep updated third-party plugins such as PDF readers. It's never a good idea to run an executable file from an untrusted source, to click links in emails, or visit unknown sites.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment