January 23rd, 2008 by Bernadette Irinco
No sooner had the world learned of the untimely death of actor Heath Ledger (Brokeback Mountain) than malware authors started using the late actor?s name as a social engineering ploy. Within hours of these reports, Research Project Manager Ivan Macalintal discovered a couple of malicious URLs that turn up when users key in the search terms ?heath? and ?ledger?:
However, the user doesn?t even get to see this, as this page automatically redirects to another site. This site requires the user to download a ?new version of ActiveX Object.? As expected, this is just the beginning of a series of redirections that end in the download of different malicious files (like TROJ_RENOS.LZ in one infection chain, and WORM_NUCRP.GEN in another).