Battle the Bogeyman this Halloween!

Almost all major holidays are used by bogeymen (also known as cybercrooks) as an excuse to spread malware or spam using social engineering. This year is no exception, so we recommend that you be careful especially if you receive any Halloween themed emails -- even if it's from someone that you know. We've collected some examples that are already circulating and that you need to watch out for.

1. Happy Halloween

We wish you a happy Halloween, but not in an email with a link that points to a malware.

The program looks and feels like a real screensaver application and it even has some "scary" pictures.


The file that the link points to is actually a malicious file detected as Trojan:Win32/Holwen.A (SHA1s: 0FDF6A2B72455AA7EE2B5485A2754E25C58DD2D9 and DAB0B5E5C71669834627975AB95587963C1A41A1) that may send information about the infected computer back to the attacker. It can also download and run arbitrary files.

2. Halloween-themed free video

An ancient trick to introduce malware into your computer is still out there. While searching for ideas online for Halloween parties, beware of any website asking for permission to download videos, such as this one: 

Clicking on the link will result in downloading a file called "install-to-plays.exe" (SHA1: 9A00B1A6E0AB3B32ABD821EB2C4FC41AACE31F20) to your computer. This is a malware known as TrojanDownloader:Win32/Renos.MJ, a downloader that introduces more malware, including common rogue antivirus software such as Rogue:Win32/FakeSecSen and Rogue:Win32/FakeXPA, into your computer.

This old trick is still somewhat effective. As of today, we received more than 300,000 reports of Win32/Renos.MJ. Instead of clicking on a link offered by an unknown website to install Flash Player, go directly to the Adobe website to obtain the latest version of Flash Player.


3. Halloween Specials - scare your partner!

This is the subject of the following spam that you may receive in your inbox. We’ve spared you some of the “scarier” details.

Even if this is the usual "pharmacy" spam, any reply from you might confirm that your email address is valid, ensuring your address will be included in other email lists used by spammers. Most likely that will result in you receiving more spam and possibly email containing malware.

We at MMPC wish you a malware-free Happy Halloween!

Andrei Saygo && Kai Yu && Patrik Vicol && Shali Hsieh


Comments (0)

Skip to main content