Dancing skeleton malware rattles across email


Spammers have once again sunk their fangs into Halloween and flooded email with holiday themed threats. When I was a kid parents feared tainted trick-or-treat candy. Now they can add spyware and computer viruses to their list of worries.

Dancing skeleton malware

Keep your eyes out for a “dancing skeleton” spam attack which contains links to malicious web sites. The sites are included in a spam message as an IP address (i.e. http://xxx.xxx.xxx.xxx). When users click through, they are directed to a site that says something along the lines of “Do You Want To See New Funny Sexual Halloween Game with Dancing Skeleton? Just Click Here.” The site tries to automatically download an .mht file (web archive file) which contains malware. Just in case the user doesn’t allow the download, the page also includes a link to “Halloween.exe.”

Email subjects include:

nothing is funnier this halloween
show this to the kids
for people with a sense of humor only
man this is funny
dancing bones
dancing skeleton
the most amazing dancing skeleton
watch him dance
make him dance
happy halloween

Go back