Spammers continue their efforts today with another round of celebrity oriented spam designed to entice users into watching a non-existent video. The fake video site exhibits the same behavior found in the CNN and MSNBC spam attacks covered earlier this month (i.e. a popup message indicates that the ActiveX movie control is out of date and the user is required to install an update to properly view the video).
The executable the user is forced into downloading and installing is known as install.exe or classified as a malicious Trojan – Trj/Exchanger (this particular threat will install AntiVirus XP 2008). It is apparent that the spammers are very interested in getting a large number of users to install and use false security products such as AV XP 2008 and it’s variants in an effort to generate revenue.