Analysis by: Chloe Ordonia

With the death of former Libyan leader Muammar Gadhafi comes a slew of socially-engineered spam taking advantage of this historical event. The first variant of the received spam claims to be a CNN newsletter in Spanish, advertising a link where the user supposedly could download the video of his death in full. Of course, the link leads to a malicious download rather than the video itself. The second delivers its payload in a simple message, describing its zipped attachment as one containing images of Gadhafi's corpse, when in fact, it contains malware. The third variant is in Portuguese, with a screenshot of the actual video and a URL where the user may possibly be able to download or watch the video but is inaccessible at the time of this writing.


As always, Trend Micro advises users to always watch out for suspicious, unsolicited mail that sport links or attachments, especially those that come with such attention-grabbing content. Prudent caution is always necessary when dealing with this kind of mail. For breaking news, it is advisable that users visit reputable news sites rather than rely on email messages.

 SPAM BLOCKING DATE / TIME: October 25, 2011 GMT-8
 TMASE INFO
  • ENGINE:6.8
  • PATTERN:8472