Internet crooks love to create attack sites and e-mails that use lures based on popular news items and Internet porn. When the two come together, as with the recent news of an online “peephole” video of ESPN sportscaster Erin Andrews, the malware is sure to swarm.
A clarion call from security blogs is warning about just that. Sites purporting to show the video will push a hapless horndog to install a required video player that is instead – you guessed it – malware.
The video player trick is another big favorite among those who make money from infecting PCs. And it doesn’t stop with PCs – according to a blog post from Graham Cluely of Sophos, some attack sites hyping the Erin Andrews video will automatically check to see whether a visitor is using a Mac or a PC and launch a customized attack. The example he cites attempts to infect a PC with Mal/EncPk-IF malware or a rogue antivirus app. Mac users get an OSX/Jahlav-C Trojan horse.
As malicious video codecs and players are common attacks, it’s a very good idea to send any such download to Virustotal.com for a comprehensive scan from multiple antivirus engines before double-clicking or installing it. Doing so won’t guarantee that you’ll catch every piece of malware, but it offers much better odds than just scanning with the one security program on your computer.
In addition to Sophos’ warning, McAfee and Sunbelt have also posted alerts about the surging number of piggyback attacks. And if you’re in the mood for some irony, watch the (presumably safe) video embedded in the Sophos post about the danger of video-based Internet attacks.