An E-Card From Srizbi

Today the Srizbi botnet is sending out fake greeting e-cards. Some of these contain links to the file e-card.exe hosted on a compromised website while others contain links that lead to a Canadian Pharmacy website.

Running the e-card.exe file will install the rogue ‘anti-virus’ program XP AntiVirus 2008 and the Srizbi bot which will continuously send thousands of spam messages in the background.

This is just one of the many malicious email campaigns being sent from the Srizbi botnet, others include emails offering celebrity themed videos, photos or mp3s for download. Spam such as the one below has been around for a few months now.

Clicking on the link will take you to the fake YouTube website below. Downloading the video will actually download the file videporn920ma.exe, which when run will install further malicious programs.