Bhutto Assassination Draws Malware Scammers

Blogger links that purport to lead to video of Benazir Bhutto’s last moments alive go to a fake video codec and an all too familiar exploit.

Criminals have long embraced current events as fodder for their schemes. Benazir Bhutto’s assassination in Pakistan grabbed worldwide attention, and of course that of malware creators.

Security vendor McAfee has spotted several sites on Google’s Blogger service hosting new social engineering attempts related to this. The scams purport to link to a video of the Bhutto assassination.

If someone clicks one of these links, the browser displays a message saying a new Video ActiveX Object needs to be downloaded to play the video. This codec is a fake, one that has been seen plenty of times previously.

“These webpages contain obfuscated variants of the MS06-014 exploit which is perhaps one of the most popular of all the exploits we see on a daily basis,” researcher Rahul Mohandas said in an Avert Labs blog post.

That exploit affected Microsoft Data Access Components, and received a patch in April 2006. However, scammers continue to hope to find unpatched systems that will allow their exploit to work, and download more malware to the PC.

Source: Webpronews.