Michael Jackson X-file scam steals passwords

Spam email, Zbot hooks unwary Jacko fans

By Megan Burger | PC Advisor | 03 July 09

Security vendors have been reporting a wave of Michael Jackson spam emails designed to disseminate a Zbot banking password variant.

Related Articles

According to the PC Tools Threatfire blog, emails with the subject line: 'Michael Jackson Was Killed...' have been found in the security company's user community.

Within the messages recipients read:

"But Who Killed Michael Jackson?
Visit X-Files to see the answer:
(hxxp://xfiles link here)"

The link then redirects to a site hosted at 87.97.116.131. This is hosted in an x-file-esque directory "x-files/x-file-mjacksonkiller.exe", not live at the time of writing.

When the PC Tools users visited the site, it hosted a malformed pdf and Zbot banking password stealing variant.

PC users are reminded to keep updated third-party plugins such as PDF readers. It's never a good idea to run an executable file from an untrusted source, to click links in emails, or visit unknown sites.

PC security advice and reviews

Share this article

Comments

Send to a friend

Email this article to a friend or colleague:

Recipient's name *

Recipient's email *

Your name *

Captcha *

PLEASE NOTE: Your name is used only to let the recipient know who sent the story. Both your name and the recipient's name and address will not be used for any other purpose.