Update 11:45 a.m. PST: This blog incorrectly described part of what the link downloads. It downloads a Trojan horse. The link does not take viewers to a video.
Moving beyond Valentine's Day as a social-engineering theme, online criminals have started sending out e-mail with a supposed link to a recent interview with Sen. Hillary Clinton. Instead of a video, the link downloads a Trojan horse onto the viewer's computer. Security experts predict 2008 presidential election e-mails and phishing sites will continue throughout the year.
On Thursday in Symantec blog, researcher Kelly Conley writes that the e-mail arrives with the subject line: Hillary Clinton Full Video !!! The body text reads, in part: "Hillary Clinton visited her Virginia campaign headquarters and did satellite interviews, looking beyond Tuesday's trio of contests..."
Often the malicious software is not within a video, but within the download link, as is the case here. Symantec says the link embedded within the e-mail downloads a suspect file, "mpg.exe," which is a Trojan downloader. This downloader then downloads inst241.exe, a file that Symantec detects as Trojan.Srizbi.
Be respectful, keep it civil and stay on topic. We delete comments that violate our policy, which we encourage you to read. Discussion threads can be closed at any time at our discretion.