A new backdoor (spying program) which poses as a DivX file containing subtitles from the latest Quentin Tarantino film Kill Bill has been spotted on the Net.
The low-spreading Manda-A (AKA PWSteal.Salira) Trojan arrives as a .RAR archive with a malformed header. This archive, 35347 bytes in size, has a movie subtitle name Kill Bill.
Subtitles are used alongside DivX movie clip files to enable foreign language speakers to follow the plot of a film.
As a social engineering trick, sending infectious files that pose as movie subtitles would seem to be of questionable effectiveness. Indeed very few copies of the Trojan have been spotted so far, making Manda more of a curious nuisance than a serious threat.
Read More Here