A video which supposedly reveals an accident of famous singer Shakira has been found to be a front for a cybercriminal operation designed to spread a nasty Trojan.
The “video” – served from a .co.uk domain – is not actually a video, but an archive file which contains an executable called
Noticiascaracolvideoaccidenteshakirabarcelona.exe.
GFI Labs experts have
learned that when it’s executed, the file starts scanning the system to see if any debuggers are present and if none is found, a second malicious element (windsyslogc.exe) is downloaded.
The malware adds itself to the infected computer’s registries to ensure that it can step into play whenever the device is fired up.
Both .exe files have been identified as
Trojan.Win32.Generic!BT.
The names of celebrities such as Shakira have been often utilized in Facebook scam campaigns, but as it turns out, cybercriminals have no trouble in leveraging them when they want to spread malware.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
