FortiGuard Center

FortiGuard Advisory (FGA-2007-02)



Anniversary - 4 Easy Steps to Multimedia Social Engineering Attack
2007.February.22

1] Opening the email.

Most infections start with an e-mail crafted to grab your attention and provoke your curiosity. Simply opening it, even on the assumption that mail from a known sender is safe to open, already takes you one of the four steps towards being infected.

[Image: ASX sample email]

2] Believing that it is a valid email.

As always, social engineering is a far easier way to obtain sensitive information or access than breaking in technically. This step is about making the message look plausible and legitimate so that the recipient does what the attacker wants, which is usually to open the attachment.

3] Opening the streaming media attachment (*.asx)

Most end users assume that only executables are dangerous and that any other kind of attachment is safe to open. New ways of abusing different technologies keep appearing, and streaming media is just another example. An ASX file is a Windows Media metafile: a small text playlist that tells Windows Media Player where to fetch the actual content. The file is not malicious by itself, but it can point the player at whatever location the attacker chooses, which makes it a convenient delivery vehicle.

[Image: ASX sample email]

4] Downloading and executing the "codec"

(Codec: a decoder for video and audio.) This is the last step to joining the list of infected machines. Users are very likely to agree to download a "codec", because they are used to being told that some component is missing before a program or video will play. In this case the trust is placed in a third-party "codec" offered through Microsoft Windows Media Player, which the victim downloads and executes in the belief that it is needed to play the video; that download is the actual malware.
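To make step 3 concrete, here is an added Python example (not Fortinet's code and not the attachment from this advisory) that triages an ASX attachment the way an analyst or a mail-gateway rule might: it extracts every URL the metafile references and flags the ones that are not plain stream URLs. The ASX text is constructed for illustration, and the hosts under .invalid are hypothetical.

```python
"""Triage an ASX attachment: list every URL the metafile pulls in and
flag the references that are not plain stream URLs.

Added example for this advisory, not Fortinet's code and not the
sample from the advisory.  SAMPLE_ASX is constructed for illustration;
the hosts under .invalid are hypothetical.
"""
import os
import re
from urllib.parse import urlparse

# Constructed sample ASX (hypothetical, not the real attachment).
SAMPLE_ASX = """<ASX VERSION="3.0">
  <TITLE>anniversary</TITLE>
  <ENTRY>
    <TITLE>Anniversary clip</TITLE>
    <REF HREF="mms://media.example.invalid/anniversary.wmv" />
  </ENTRY>
  <ENTRY>
    <REF HREF="http://media.example.invalid/player/codec_setup.exe" />
  </ENTRY>
  <MOREINFO HREF="http://media.example.invalid/getcodec.html" />
</ASX>
"""

# ASX tags are case-insensitive and real files are often not well-formed
# XML (bare attribute values, unclosed tags), so a tolerant regex is more
# robust than an XML parser for pulling out the HREFs.
_HREF_RE = re.compile(
    r"<\s*(ref|moreinfo|banner)\b[^>]*?\bhref\s*=\s*"
    r'(?:"([^"]*)"|'
    r"'([^']*)'|"
    r"([^\s>]+))",
    re.IGNORECASE,
)

STREAM_SCHEMES = {"mms", "mmsh", "mmst", "rtsp", "http", "https"}
MEDIA_EXTS = {".wmv", ".wma", ".asf", ".wav", ".mp3", ".mpg", ".mpeg", ".avi"}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".msi", ".zip", ".rar"}


def extract_refs(asx_text):
    """Return (ELEMENT, url) pairs in document order."""
    refs = []
    for m in _HREF_RE.finditer(asx_text):
        url = m.group(2) or m.group(3) or m.group(4) or ""
        refs.append((m.group(1).upper(), url))
    return refs


def assess_asx(asx_text):
    """Return (url, reason) findings that deserve an analyst's attention."""
    findings = []
    for element, url in extract_refs(asx_text):
        parsed = urlparse(url)
        ext = os.path.splitext(parsed.path)[1].lower()
        if element != "REF":
            # MOREINFO/BANNER hrefs are opened as web content, not streamed.
            findings.append((url, f"{element} points the player at web content"))
        if parsed.scheme.lower() not in STREAM_SCHEMES:
            findings.append((url, f"unexpected scheme '{parsed.scheme}'"))
        if ext in EXECUTABLE_EXTS:
            findings.append((url, f"reference is an executable/archive ({ext})"))
        elif ext and ext not in MEDIA_EXTS:
            findings.append((url, f"non-media extension ({ext})"))
    return findings


if __name__ == "__main__":
    for url, reason in assess_asx(SAMPLE_ASX):
        print(f"{reason}: {url}")
```

An ASX that references an executable, or that sends the player off to a web page, is worth quarantining at the mail gateway. Bear in mind that an attachment in a real campaign may reference only a legitimate-looking stream and leave it to the server to present the "codec" prompt, so an empty findings list is not a clean bill of health; the URL list itself is still useful for blocking and for correlating with other mail.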

This threat is currently detected as W32/VB.FT!tr.bdr. Based on the FortiGuard Virus World Map, the threat appears to be targeted mainly at Mexico, the United States and France.



Disclaimer:

Although Fortinet has attempted to provide accurate information in these materials, Fortinet assumes no legal responsibility for the accuracy or completeness of the information. More specific information is available on request from Fortinet. Please note that Fortinet's product information does not constitute or contain any guarantee, warranty or legally binding representation, unless expressly identified as such in a duly signed writing.

About Fortinet ( www.fortinet.com ):

Fortinet is the pioneer and leading provider of ASIC-accelerated unified threat management, or UTM, security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and anti-spam -- designed to help customers protect against network and content level threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified in six programs by ICSA Labs: (Firewall, Antivirus, IPSec, SSL, Network IPS, and Anti-Spyware). Fortinet is privately held and based in Sunnyvale, California.