McAfee Labs has observed a surge in phishing campaigns using fake viral video links to trick users into downloading malware. The attack involves social engineering tactics, redirecting victims through multiple malicious websites before delivering the payload. Users are enticed with promises of exclusive content, leading them to fraudulent pages and deceptive download links. The malware is delivered via a password-protected ZIP file containing a setup.msi file, which, when executed, drops files into the %Roaming% directory and executes malicious commands. McAfee blocks this infection chain at multiple stages.

‍