Over the past 24 hours, we’ve have seen a rash of malicious spam pushing screensavers that are, in reality, backdoor trojans (VirustTotal report here, with very poor detection by most engines). It is unknown how widespread these spams are.
Both of the sites that we have observed hosting these screensavers appear compromised. One is already down, and we are in the process of attempting to get the other one taken down.
Clicking on the link brings the user to a very realistic “3d screensaver” page:
Of course, installing one of these screensavers will not actually avail oneself to the ostensible benefits of watching Santa’s Home or the Matrix. Instead, one may get a rather nasty surprise.
Alex Eckelberry