msnbc.com’s Bob Sullivan:
Spammers have upped the ante in their efforts to trick news consumers, switching from e-mails with tabloid-style headlines to impersonating major online news services. On Wednesday, e-mails that appeared to be from msnbc.com landed in inboxes worldwide, promising breaking news and confusing some recipients.
The spam unleashed Wednesday follows a massive campaign last week in which spammers impersonated CNN.com. That campaign saw 250 million spam messages sent in one intense 24 hour period, according to spam-fighting firm MX Logic Inc. Those e-mails appeared to include links to CNN’s top 10 stories, but Internet users who were tricked into clicking on those links were sent instead to Web sites overseas that were booby-trapped with malicious software.
http://redtape.msnbc.com/2008/08/msnbc-cnn-hit-b.html
The malicious payload is only accessed when the user clicks on the ‘breakingnews.msnbc.com’ link, which takes users to a Web page named up.html. This page issues a pop-up encouraging users to download a ‘missing’ video codec, a file called adobe_flash.exe.
Threat Type: Malicious Web Site / Malicious Code.
http://securitylabs.websense.com/content/Alerts/3159.aspx
{ 0 comments… add one now }