Monday, July 20, 2009

Malware Spread Through Fake Links to Erin Andrews Peephole Video

Reports of a peephole video showing ESPN's reporter Erin Andrews nude first emerged on Friday, but since then it's continued to be one of the most widely searched for terms on the Internet. Hackers aren't wont to pass that sort of opportunity up, and are attempting to infect your computer via purported links to the video.

Erin Andrews' lawyers say that they will take legal action against anyone distributing the footage, which, peephole video that it was, was taken without her knowledge or consent. In fact, this sort of announcement just verifies that the video is real, and makes people interested in finding a link to the video all the more desperate. Here's what they said in a press release:
"While alone in the privacy of her hotel room, Erin Andrews was surreptitiously videotaped without her knowledge or consent. She was the victim of a crime and is taking action to protect herself and help ensure that others are not similarly violated in the future. Although the perpetrator or perpetrators of this criminal act have not yet been identified, when they are identified she intends to bring both civil and criminal charges against them and against anyone who has published the material. We request respect of Erin's privacy at this time, while she and her representatives are working with the authorities."
On Friday, I managed to find an Erin Andrews peephole video link with the aid of Google, and armed with common sense and good anti-malware software, checked it out. It's not really all that worth it, guys. Anyway, that was earlier, and AV firm Sophos reports that hackers are redirecting folks to links which spread malware:
Of course, hackers are no slacks when it comes to taking advantage of a hot internet search trend, and although the real video has now been removed from YouTube, they have been quick to set up bogus webpages claiming to contain the video footage of Ms Andrews in her hotel room.

And - surprise surprise - if you visit those webpages you could be putting the security of your computer at real risk. For instance, in the video I have made I show how a website has been set up to look like a genuine CNN video page - but in fact, it tries to fool you into thinking that your browser's popup blocker has prevented the peephole video from playing and tries to make you download a malicious program.
Likely, you'll see (if you haven't already) email spam trying to spread the same sort of malware with an Erin Andrews peephole video link embedded in it. Want to try to watch it? There are valid links, but if you're going to try (and many will), then:
  • make sure your antivirus is up-to-date
  • use common sense
  • don't install anything a site may ask you to
  • cross your fingers
Ads by

No comments: