David Baxter PhD
Late Founder
Michael Jackson Malware
by Mikko
June 29, 2009
There have been a couple of malware attacks that have tried to use the news coverage of the death of Michael Jackson as the lure to get people infected.
Last night we saw this one: a file called Michael-www.google.com.exe. This file was distributed through a site called photos-google.com and possibly also through photo-msn.org, facebook-photo.net and orkut-images.com. Do not visit these sites.
When executed, Michael-www.google.com.exe drops files called reptile.exe and winudp.exe. These are IRC bots with backdoor capability. The file also shows this fake error message:
We detect the dropper and the backdoors as Trojan.Win32.Buzus.bjyo.
by Mikko
June 29, 2009
There have been a couple of malware attacks that have tried to use the news coverage of the death of Michael Jackson as the lure to get people infected.
Last night we saw this one: a file called Michael-www.google.com.exe. This file was distributed through a site called photos-google.com and possibly also through photo-msn.org, facebook-photo.net and orkut-images.com. Do not visit these sites.
When executed, Michael-www.google.com.exe drops files called reptile.exe and winudp.exe. These are IRC bots with backdoor capability. The file also shows this fake error message:
We detect the dropper and the backdoors as Trojan.Win32.Buzus.bjyo.
