Wednesday, August 06, 2008

New malware pretends to come from CNN


Web Hosting News has advised users of a new virus that purports to offer a news feed from CNN, with items particularly related to the upcoming Olympics. It would be called “CNN.com daily top 10” or some similar variation. Arlington County VA today included this warning to its emergency notification email list, indicating that the cyber alert is taken unusually seriously. The article (by David Hamilton) has the following link.

The email encourages the viewer to view a video that in fact downloads malware.

Media companies and organizations like the Associated Press have complained that “news scraping” services amount to copyright infringement and may encourage the propagation of malware. But the CNN item is the first that I have heard of based on a major media news service.

Other phishing attacks typically involve mimicking financial institutions, scams (like the Nigerian scam), Ebay, Paypal, or ISP’s (especially AOL, which seems unable to detect these attacks with its own spam filter). Some attacks pretend to be bounced email with Mailer daemons.

There is some indication in web security literature (especially McAfee Avert labs) now that spammers are infecting unsuspecting user machines with trojans to overcome captchas and start splogs. The general problem is well covered in Wikipedia. Anti-virus software and firewalls should be catching these if properly used.

No comments: