Multiply users urged to download disguised malware

Users of the Multiply social networking site have lately been targeted with malicious personal messages coming from accounts opened by cybercriminals.

The message implies that the sender and the recipient know each other from somewhere, and the potential victim is urged to see the attached movie in order to jog their memory. But, the movie is just a pretext to get him or her to install a codec that is supposedly needed to see the video:

Of course, the offered codec is a dropper Trojan in disguise. It is detected by Trend Micro as TROJ_KATUSHA.F, and it’s also often sent out as an attachment in bogus e-mails.