Online criminals are capitalizing on interest in the presidential election by sending e-mail with a link that doesn't download a video but a Trojan horse instead.
Update 11:45 a.m. PST: This blog incorrectly described part of what the link downloads. It downloads a Trojan horse. The link does not take viewers to a video.
Moving beyond Valentine's Day as a social-engineering theme, online criminals have started sending out e-mail with a supposed link to a recent interview with Sen. Hillary Clinton. Instead of a video, the link downloads a Trojan horse onto the viewer's computer. Security experts predict 2008 presidential election e-mails and phishing sites will continue throughout the year.
On Thursday in Symantec blog, researcher Kelly Conley writes that the e-mail arrives with the subject line: Hillary Clinton Full Video !!! The body text reads, in part: "Hillary Clinton visited her Virginia campaign headquarters and did satellite interviews, looking beyond Tuesday's trio of contests..."
Often the malicious software is not within a video, but within the download link, as is the case here. Symantec says the link embedded within the e-mail downloads a suspect file, "mpg.exe," which is a Trojan downloader. This downloader then downloads inst241.exe, a file that Symantec detects as Trojan.Srizbi.