The latest stunt criminals are using to get you to download malware is a report of a dirty bomb going off near you.
Network World reports that criminals are trying to trick users into downloading malware by luring them to a Web site that reports a hoax breaking news' story of a bomb explosion cleverly tailored to their location.
Picked up in different forms by the spam traps of several security vendors, the attack is able to work out the approximate location of the viewer from the visitor's IP address, serving one from a range of news
localized versions of almost identical stories.
According to Sophos and Websense , an e-mail claiming that 18 people have been killed in an explosion starts with the subject line, "Why did it happen in your city?", "Take Care!". A link leads to what appears to be a Reuters news story on the bomb, complete with video, which turns out to need a special CODEC. Downloading this, starts an infection with Waledac (identified as WaledPak-E by Sophos).
Read...
Dirty Bomb Hoax
Network World reports that criminals are trying to trick users into downloading malware by luring them to a Web site that reports a hoax breaking news' story of a bomb explosion cleverly tailored to their location.
Picked up in different forms by the spam traps of several security vendors, the attack is able to work out the approximate location of the viewer from the visitor's IP address, serving one from a range of news
localized versions of almost identical stories.
According to Sophos and Websense , an e-mail claiming that 18 people have been killed in an explosion starts with the subject line, "Why did it happen in your city?", "Take Care!". A link leads to what appears to be a Reuters news story on the bomb, complete with video, which turns out to need a special CODEC. Downloading this, starts an infection with Waledac (identified as WaledPak-E by Sophos).
Read...
Dirty Bomb Hoax