Fake Angelina movies lead to malware via QuickTime | SC Media
Architecture, Network security, Strategy, Vulnerability management, Threat intelligence, Threats, Malware

Fake Angelina movies lead to malware via QuickTime

August 2, 2010

Researchers have discovered two movie files on file-sharing networks that are taking advantage of Apple's QuickTime Player to download malware from malicious websites. The .MOV files, both masquerading as the new Angelina Jolie film Salt, prompts a user to download a codec to view the video, Marco Dela Vega, threats researcher at Trend Micro, said in a blog post Friday. The files use a feature in QuickTime version 7.6.6 called wired actions, which allows files to take certain actions, such as visit a URL. The attack does not take advantage of a flaw but instead relies on social engineering to trick users into downloading the malware, Apple said, according to Trend. — AM

prestitial ad