Cybercriminals are using a non-existent video that claims to show Democratic Party presidential nominee Hillary Clinton exchanging money with an Islamic State (IS) leader to distribute malicious spam emails.
The email’s subject announces “Clinton Deal IS Leader caught on Video”.
There is no video in the email which contains Adwind cross-platform remote access Trojan, global cyber security leader Symantec alerted on Thursday.
The email also discusses voting and asks recipients to “decide on who to vote [for]” after watching the non-existent clip.
The spam email signs off with the name of an unknown group called “Lets Save America” and a #letssaveUSA hashtag.
If the attached malware to the email gets executed, the recipient is infected with a Java remote access Trojan (RAT) that Symantec detects as Backdoor.Adwind.
It also drops a Visual Basic Script (VBS) file that allows the malware to determine which antivirus and firewall software is running on the compromised computer.
The Adwind RAT is multi-functional and cross-platform, making it possible to infect Windows, Mac, Linux and Android operating systems.