Video Screencast Help
Security Response

You Know it's Election Year When…

Created: 14 Feb 2008 08:00:00 GMT • Updated: 23 Jan 2014 18:42:15 GMT
Kelly Conley's picture
0 0 Votes
Login to vote

It's election year in the United States,everyone must be aware of that by now. We've just observed a Trojanbeing spammed out utilizing a candidate's name, Hillary Clinton, asbait. The email asks you to click a link to download an interview withher. The email circulating has the following subject line:

Subject: Hillary Clinton Full Video !!!

The body of the email looks like this:

The link looks to be coming from http://www.google.com/pagead/iclk?sa=3Dl&ai=3DRwGGv&num=3D96249&a=durl=http://canotajetrilly.com/[REMOVED]/rdown.php?PNDcx"=id=3D

Looking closer, we see the actual link is:

http://canotajetrilly.com/[REMOVED]/rdown.php?PNDcx"=id=3D

But, do not click the link because this link does not take you to avideo. This link downloads a suspect file, "mpg.exe," which is a Trojandownloader. This downloader downloads a file, inst241.exe, which isdetected as Trojan.Srizbi. So far the volume appears to be low, butbeware: do not click this link or any links associated with these spamemails.