Pamela Anderson, Michael Jackson, Harry Potter used as bait for spreading trojan

PandaLabs has detected the mass-mailing of messages with sensational subject fields to spread the Downloader.SQV trojan. Subjects used include two supposed earthquakes in the USA, the third divorce of Pamela Anderson or the release of the film “Jumper”.

The email format is the same in all cases, only the subject field varies. Yet it always involves some kind of sensational title, such as:

Pamela Anderson divorces in third times!!!

Michael Jakson glued up a person a plaster

CIA tortures prisoners!!!

Harry Potter was purchased by pentkhaus!!!

Two powerful earthquakes happened in the USA!!!

Princess Diana ´Could be have been killed by MI6´ – conclusions of experts!!!

The variable subject of the email also appears in the text body, along with the text:  “New Video!” and a link with the words “Download Now”. Any user clicking the link will be redirected to a web page that will infect their computer with Downloader.SQV. This trojan then downloads two other trojans: Spammer.AGF and KillFiles.BU. The first is designed to resend the emails, using the infected computer as a server, while the second prevents certain system functions from operating correctly.

“Malware creators frequently use sensational headlines or celebrities as lures to distribute malware. This is known as social engineering, and it is generally an effective technique”, explains Luis Corrons, technical director of PandaLabs.

To avoid falling victim to these malicious codes, PandaLabs advises users not to click links in emails from unknown sources. It is also advisable to have a good security solution installed and up-to-date to protect against both known and unknown threats.