by Blight Crusader

I suppose it was inevitable. A beautiful woman has her privacy violated and a surreptitiously-shot peeping-Tom video hits the Internet. Add to this the fact that she’s a famous ESPN sports reporter, and what happens next is a huge wave of people online looking for the video to watch. Since the video itself is illegal, it disappears from YouTube and legitimate sites, causing people to look elsewhere. With such enormous online interest, the malware can’t be far behind.

So it should come as no surprise to anyone that that is exactly what is happening.

Fox News has the basic outlines of the story:

Searching online for that nude video of ESPN reporter Erin Andrews? Better not, say computer security specialists.

Crafty hackers have created a fake CNN Web page housing what purports to be the video of the glamorous sports reporter undressing — but when you click on it, you’re asked to download a specialized video player, which is full of digital nastiness to infect your computer.

Macintosh users are not immune to this one — in fact, the hacker software detects what kind of computer you’re using and dumps an even nastier Trojan horse onto Macs than it does PCs.

But a surprising source for technical details, a celebrity-watching blog (called, quite ungrammatically, “Celebrities HOT news!!!” actually has the detailed story, at least for the Windows version of the virus:

But the bad news is, spammers and Trojan installers are very happy with the Erin Andrews peep Video. They are using the said video to do their illegal stuffs which infects many computers. There has been a boom in malicious spam, web sites and Twitter posts advertising a “peep hole” video of ESPN reporter Erin Andrews undressing in a hotel room.

Researchers at Sunbelt Software have detected that the Trojan installers used in the scam are generating a large number of polymorphic variants. The installers change with sites each day and number around 10,000 unique hashes.

VIPRE detects one as Trojan.NSIS.DnsChanger (v). Detections for a second, Trojan-Downloader.Win32.CodecPack.2GCash.Gen, will be pushed out shortly.

Tags: trojan, virus

This entry was posted on Saturday, July 25th, 2009 at 12:21 am and is filed under Articles, Blight News, Headlines. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.