By Dancho Danchev
Cybercriminals are currently spamvertising millions of emails impersonating Google’s YouTube team, in an attempt to trick end and corporate users into executing the malicious attachment found in the email. Upon execution, the samples opens a backdoor on the affected host, allowing full access to the targeted host by the cybercriminals behind the campaign.
Sample screenshot of the spamvertised email:
Detection rate for the malicious attachment: Content_ID_Matches.avi.exe – MD5: 38142e6d218752e8e0e17f13a40a6fc3 – detected by 32 out of 42 antivirus scanners as Trojan-Downloader.Win32.Andromeda.bm; Trojan.Gamarue.N
Webroot SecureAnywhere users are proactively protected from this threat.