Thanksgiving Day Screensavers Hide Malware, Experts Warn

The malicious element opens a backdoor for cybercriminals

Users who want to install a Thanksgiving Day screensaver to help them get into the holiday spirit are advised to be careful where they download it from since a malicious software masquerading as one is making the rounds.

Sophos experts have come across a screensaver called “Thanksgiving Day.scr” that appears to be harmless at first sight. However, while the user is viewing a holiday slideshow, in the background, the malware connects to a server and attempts to download malicious code.

Besides opening a backdoor to allow the attacker to gain control of the infected computer, the threat also drops a DLL file called ssheay.dll, which poses as an Add-in for Outlook.

Then, a new registry entry is created to ensure that the malware (Troj/DwnLdr-KJW) is executed each time the computer starts.

Beware of emails and social media posts that advertise such screensavers. It’s likely that, in the upcoming hours, this particular campaign will intensify.

Hot right now  ·  Latest news