Jacko fans are being warned to be on their guard as spammers try and take advantage of demand surround the release of the singer’s posthumous ‘This is it’ track.
Symantec, makers of Norton security software, has warned that unscrupulous criminals are spamming Michael Jackson fans with a link to song. The track actually premiered on MichaelJackson.com at midnight on the 12th October. However the link on the dodgy email downloads software onto a user’s computer allowing it to be controlled remotely.
When the user clinks on to a link the browser opens a page on a site which in turn refreshes to another hacked website. According to Symantec ‘this executes a .hta file that is detected as Downloader.Psyme. Once the .hta file is executed, a file called AutoCfg.exe (detected as Backdoor.Trojan by Symantec) and legitimate files Servmess.dll, Autoexnt.exe and Instexnt.exe are all downloaded. These legitimate files are normally used for administrator purposes, but in this case the malware uses them to run after every reboot even if there is no one logged on the computer. At this point, the computer can be remotely controlled and all the information on it falls into the hands of the criminals.’
Obviously Symantec is advising Jacko fans not to clink on any dubious looking links and to ensure antivirus and firewall software is up-to-date