Researchers at security firm McAfee said that attackers were embedding blog pages with URLs for malicious sites that claim to offer a video of the killing.
Users who attempt to view the video are prompted to download what the site claims is a codec file needed to 'translate' the video.
The 'codec' is actually a Trojan program that installs malware on the user's system.
Other sites then attempt to exploit a previously patched flaw in Internet Explorer to install the malware.
The use of major news events as a means of spreading malware is not uncommon. The infamous Storm worm surfaced early last year as an attachment to fake emails about flooding in Europe.
Criminals also used the Virginia Tech shootings, the London terror bombing, and Hurricane Katrina to bring in victims online.
The use of fake codecs is also a common tactic for spreading malware. Attackers will often use the promise of pornographic videos to lure users into downloading and installing Trojans.
The recent MacOS X Trojan was one such example of such an attack, using the fake video files to deliver a DNS changer.
Malware writers exploit Bhutto killing
By Shaun Nichols on Jan 7, 2008 2:06PM