Trend Micro threat research engineer Benson Sy encountered two .MOV files (001 Dvdrip Salt.mov and salt dvdrpi [btjunkie][xtrancex].mov) that both used the recent movie Salt, starring Angelina Jolie. It looks suspicious enough because of its relatively small size compared with regular movie files.Source: Trend Micro Blog
When the movie files are loaded to QuickTime, it doesn’t show any live action scenes but leads users to download malware pretending to be either an update codec or another player installation. We are still investigating whether the malware is exploiting a vulnerability or using a known functionality to download other malware.
Attackers using QuickTime movies to redirect viewers to infected sites
Posted on Monday, August 02 2010 @ 15:19 CEST by Thomas De Maesschalck