Exactly the same tactic is applied with Hotfile, another file hosting service.
UPDATE 13/01/2011: Spreading malware through Hotfile is still common, so to speak. I've seen a TDSS variant spreading on it with the filename "surprise.exe" VirusTotal results can be found here . RapidShare seems to be faster in cleaning up infected files.
I received an email from one of my contacts with no subject. It contained the following link:
Link from hotfile which downloads a trojan horse. Link edited for your safety.
Result: 11/41 (26.8%)MD5: 4169dc3f5e44067435016d79336c4e1a
After executing the file it connects to remote hosts which can download other malware.
The conclusion is actually the same as in my previous post, but I will state it once again:
You should never trust an email which has:
- only a URL included in the message
- crappy spelling and grammar if there is content in the message
- been sent out to everyone in the sender's address book
- been sent from an unknown sender
- promises you can buy something for a very cheap price
- No subject or strange subjects ( eg.: "0 enjoy yourself" )
Never reply to this kind of email, simply delete it and don't look back ;) .
If you have downloaded a program and you are unsure about its intentions, you can always upload it to VirusTotal or other online virusscanners (VirScan, Jotti). Keep in mind that if a file is not detected by any engine, it is not necessarily clean!