There could be malware lurking inside that Clinton 'video' link

Online criminals are capitalizing on interest in the presidential election by sending e-mail with a link that doesn't download a video but a Trojan horse instead.

Update 11:45 a.m. PST: This blog incorrectly described part of what the link downloads. It downloads a Trojan horse. The link does not take viewers to a video.

Moving beyond Valentine's Day as a social-engineering theme, online criminals have started sending out e-mail with a supposed link to a recent interview with Sen. Hillary Clinton. Instead of a video, the link downloads a Trojan horse onto the viewer's computer. Security experts predict 2008 presidential election e-mails and phishing sites will continue throughout the year.

On Thursday in Symantec blog, researcher Kelly Conley writes that the e-mail arrives with the subject line: Hillary Clinton Full Video !!! The body text reads, in part: "Hillary Clinton visited her Virginia campaign headquarters and did satellite interviews, looking beyond Tuesday's trio of contests..."

Often the malicious software is not within a video, but within the download link, as is the case here. Symantec says the link embedded within the e-mail downloads a suspect file, "mpg.exe," which is a Trojan downloader. This downloader then downloads inst241.exe, a file that Symantec detects as Trojan.Srizbi.

 

ARTICLE DISCUSSION

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

Hot on CNET

CNET's giving away a 3D printer

Enter for a chance to win* the Makerbot Replicator 3D Printer and all the supplies you need to get started.