Once again, users are being manipulated by social engeering tactics to get them to download malware on to their computers – this time the malware-laced codec purports to be a video of the assassination of Pakistan's Benazir Bhutto. And blogging web sites are carrying the link in the belief that it is legitimate.
Rahul Mohandas, writing on the McAfee Avert Labs blog, says the malware claims to be a New HD Codec, which attempts to social engineer users into believing they are downloading a legitimate codec for playing the video.
"At least 10 blogger websites are observed to be hosting this fake video (at the time of writing this blog) which redirects the users to the typo-squatted domain containing the fake codec," Mohandas writes.
"There are a plethora of websites which attempt drive-by installations when unsuspecting users visit websites returning search engine results for 'Benazir Bhutto'." he adds.
"Many of these compromised webpages have malicious scripts injected into the webpage which points to the malicious domain. These webpages contain obfuscated variants of the MS06-014 exploit which is perhaps one of the most popular of all the exploits we see on a daily basis."
Meanwhile, Facebook has removed two profiles that claim to be posted by Bhutto's 19-year old son Bilawal, saying they are not authentic.
The young man is now the leader of the Pakistan People's Party, formerly led by his mother.
Facebook investigated complaints that the two profiles were a hoax, found them to be bogus and removed them.