News involving celebrity deaths (real or hoax) have a habit of spreading across the Internet like wildfire, sensationalizing bits of information to entice readers. So, it is easy to see why pranksters and cybercriminals exploit the fact that people love gossip.
So when rumors of Johnny Depp’s supposed death due to a car crash broke out, it did not take long before cybercriminals took advantage of the supposed reports to spread malware via their usual blackhat search engine optimization (SEO) tactics.
While most hoaxes come in the form of spammed messages, this particular scam involved the creation of several malicious sites where rigged search results led to, which led curious readers to system infections rather than to more information on Depp’s alleged death.
If taken at face value, the blog pages above may pass off as a reputable source. Once users click the embedded links, however, they will be redirected to a video entertainment site that claims to host footage of Depp’s accident.
Upon playing the supposed video, users will be prompted to download a codec in order to watch it, which is actually a malicious file detected by Trend Micro as TROJ_DLOADER.GRM.
When executed, TROJ_DLOADER.GRM connects to a remote site to download a malicious file. It then displays a professional-looking graphical user interface (GUI) promoting a bogus software called DriveCleaner 2006 before opening a window that shows the software—an executable file—installation’s progress.
If there is one thing all users should realize, it has to be that they should never underestimate the speed at which an Internet hoax spreads. Whether seasoned Web surfer or first timer, it does not matter, it is always advisable to keep your guard up. Cybercriminals want profit. So, the more successful an attack, the more money they make.
Trend Micro™ Smart Protection Network™ protects users from this threat by blocking access to malicious sites and detecting and preventing the download of harmful codecs and malicious files.