June 25, 2009 By Andrew Brandt

Our Cup Runneth Over with Farrah Fawcett Files and Michael Jackson Malware

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

fawcett1

With the sad news circulating the globe that 70s sex symbol, TV pitchwoman, and former Charlie’s Angel Farrah Fawcett passed away this morning, it didn’t take long for the malware vultures to execute their attack.

Beginning in the afternoon, our Proactive Research team began finding tons of pages that purportedly offered a Farrah Fawcett poster or photo for download. What you got, when you clicked the link that looks suspiciously like a video player (not a static image), was — you guessed it. A load of junk.

Interestingly, hovering the mouse over the video link causes the browser to display a “preview image” that looks awfully like Google’s front door. But clicking the link to the video brings you to yet another page with something that looks like a video player, and only when you click that link do you end up with an executable on your desktop.

fawcett2Few antivirus companies have the malware in their definitions. We’re identifying the files pulled down by the Fawcett installer as Trojan-Cognac (they leave, shall we say, a distinctive aftertaste), as well as Trojan-Zoeken and Adware-Sabotch. Zoeken is a nasty downloader, which brings down all kinds of badness on an infected system, and Sabotch tends to tout those wonderful rogue antivirus products we all love so much.

So far, the Fawcett-related malware is all coming from fake pages set up on blog site Vox.com. Until they clean up this mess (which I imagine will be fairly time consuming, as new ones keep popping up), don’t follow any search links headed in their direction.

And this afternoon, as rumors began to circulate that Michael Jackson was ill in hospital, the jackals pounced on that bit of news. More on that in the next post.

Share Button

18 Responses to Our Cup Runneth Over with Farrah Fawcett Files and Michael Jackson Malware

  1. Pingback: Cyberkriminelle nutzen Tod von Farah Fawcett und Michael Jackson aus - Security | News | ZDNet.de

  2. Pingback: Michael Jackson Death Exploited by Malware Vendors [WARNING]

  3. Pingback: Michael Jackson Death Exploited by Malware Vendors [WARNING] | HyipLife.com

  4. Pingback: Michael Jackson Death Exploited by Malware Vendors [WARNING] | TechDozer.Com

  5. Pingback: Tech Whiz Underground » Michael Jackson Death Exploited by Malware Vendors [WARNING]

  6. Pingback: Techeroid » Michael Jackson Death Exploited by Malware Vendors [WARNING]

  7. Pingback: Waarschuwing voor Michael Jackson malware « Cops in cyberspace Blog

  8. Pingback: Zero Day mobile edition

  9. Pingback: Michael Jackson Death Exploited by Malware Vendors [WARNING] | World News

  10. Pingback: Michael Jackson Death Exploited by Malware Vendors [WARNING] | Newsfed - Aggregate local and tech stories with related videos and tweets!

  11. Pingback: Jackson/Fawcett Malware is Extortion-ware « Webroot Threat Blog

  12. Pingback: Global Techno » Michael Jackson Death Exploited by Malware Vendors [WARNING]

  13. Pingback: Michael Jackson Death Exploited by Malware Vendors [WARNING]

  14. Pingback: Michael Jackson Death Exploited by Malware Vendors [WARNING] | Stoth

  15. Pingback: Michael Jackson’s death leaves door open to hacker threat | csmonitor.com

  16. Pingback: Jackson en Fawcett: de een z’n dood… | Beveiligingslog

  17. Pingback: More Malware Trades on Tawdry Searches « Webroot Threat Blog

  18. Pingback: Brazilian “Winehouse” Trojan Sends Hotmail, Bank Passwords to China « Webroot Threat Blog

Leave a Reply

Your email address will not be published. Required fields are marked *