In terms of content, the above spam messages are full of information and a fake malicious link gives the video an introduction to the movie. Users are also encouraged to click on the link to receive free movie tickets.
But hiding behind that link is a Trojan named Pirabbean-A. The main function of this Trojan is to enable dial-up Internet connection on infected systems.
The file containing the Trojan Pirabbean-A still carries the standard format of normal video files, but when the user activates, an error is reported that the system is missing the video (codec). In fact, the Trojan has been installed on the system while disabling the antivirus software.
Trojan 'Pirates of the Caribbean' Picture 1 Error notification when first running the file containing the virus
In addition, the Trojan also modifies some Internet Explorer browser settings such as adding two website links to Favorites. These are special websites designed to "insert" more malicious code into the user's PC.
This is not the first time hackers use this kind of attack to spread malicious code. But it may take a long time for hackers to use this method. The most recent attack is taking advantage of the launch of the Harry Porter movie.