You need a codec to watch this

Angelina Jolie continues to lead in the “top malware subjects” competition. Today’s version of the spammed out “Angelina Jolie naked clip” malware would not be worth blogging about if it wasn’t for the quality of website that it points to.

The website mimics the popular media player and looks like it is ready to show you the video you so desperately want to watch. The pop-up that prompts you to install the missing “video codec” is also quite convincing:

Of course the “player” is just a static picture and the “codec” file video.exe is malware detected as Troj/Inject-CR.

The malicious page is hosted on a compromised domain that belongs to a textile manufacturer. This domain has been hosting different kinds of malware since Aug 22nd. Most recently, it was also seen in “Canadian Pharmacy” spam as a redirector to spam pills store.

Posted on September 6th, 2008 by Dmitry Samosseiko, SophosLabs Canada
Filed under: General, Malware, Spam, Web

Windows 7 security - A great leap forward or business as usual?

About SophosLabs

SophosLabs protects businesses from known and emerging malware - viruses, rootkits and spyware - and other computer threats like phishing, spam and scams. Learn more about the people who write this blog.

RSS feed

Hot video

International Kill-A-Zombie Day

SophosLabs blog