Malware, Network Security, Threat Management, Vulnerability Management

Fake Angelina movies lead to malware via QuickTime

Researchers have discovered two movie files on file-sharing networks that are taking advantage of Apple's QuickTime Player to download malware from malicious websites. The .MOV files, both masquerading as the new Angelina Jolie film Salt, prompts a user to download a codec to view the video, Marco Dela Vega, threats researcher at Trend Micro, said in a blog post Friday. The files use a feature in QuickTime version 7.6.6 called wired actions, which allows files to take certain actions, such as visit a URL. The attack does not take advantage of a flaw but instead relies on social engineering to trick users into downloading the malware, Apple said, according to Trend. — AM

Related

New tool used in China-linked attacks against Asia-Pacific

Intrusions with the Waterbear backdoor and its updated variant dubbed "Deuterbear" have been deployed by China-linked threat operation BlackTech — also known as Earth Hundun, Manga Taurus, Circuit Panda, Temp.Overboard, Palmerwom, Red Djinn, and HUAPI — against government, research, and technology organizations across the Asia-Pacific, reports The Hacker News.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.