Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

Beware you morbid types...

Created: 08 Jan 2007 08:00:00 GMT • Updated: 23 Jan 2014 18:53:45 GMT
Hon Lau's picture
0 0 Votes
Login to vote

It hasn't been long since reports surfaced that videos of Saddam Hussein’s execution are available for download on the Internet. It’s no surprise that enterprising malware creators have latched on to this latest news in an attempt to spread their wares.

What we have is an email spam sent to unsuspecting targets with details about where you can download a video.
Of course, this email (like past, present, and future spam) is once again taking advantage of human nature to help it spread. In this case, it is trying to appeal to the dark side of the individuals who are on the receiving end of the email.

The subject line of the email looks like this:

From: videosadan@kibeloco.com.br
Subject: Video completo da morte de Saddam Hussein

The body of the email looks like this:

saddam.jpg

Within the body of the email, the link "Clique aqui” (Click Here) directs you to the mau[REMOVED]state247.com domain in order to download a file named video_sadan.exe. The file downloaded from this Web site is currently detected by Symantec as Downloader.Bancos. This file subsequently downloads another file that is detected as Infostealer.Bancos. Users of Brightmail AntiSpam will also be protected from this spam email.