Please wait while the page is being loaded Skip this advertisement >
ARN

Fake CNN malware attack spins Gaza angle

Hackers have launched a large-scale spam attack masquerading as CNN.com news notifications .
Gregg Keizer (Computerworld (US))  09 January, 2009 08:36:00
Tags: security
Have your say!
Add to Google
ARN Directory | Distributors relevant to this article
Corporate Computer Resources , Express Data , Express Online , Fortune Tec , Ingram Micro Australia , Scholastic Media & Technology , Topstar Computer International , Westan
ARN Directory | Vendors relevant to this article
RSA, The Security Division of EMC
More about security
More about security >

Hackers have launched a large-scale spam attack masquerading as CNN.com news notifications about the Israeli invasion of Gaza, security researchers said Thursday, in a repeat of a massive campaign last summer that also posed as CNN alerts.

Wednesday morning, RSA Security Inc.'s FraudAction Research Lab spotted the first messages in the new attack, which take advantage of the ongoing conflict in Gaza. Israeli ground forces entered Gaza on Jan. 3 after several days of airstrikes and naval bombardments that began Dec. 27.

The messages, said Sam Curry, vice president of product management at RSA, pose as alerts from the CNN cable news channel, and promise "graphic and striking" images about the conflict in Gaza between Israel and Hamas.

"It starts off with phishing e-mail that tries to look like CNN," said Curry, "and then the social engineering aspect kicks in. The messages tries to get you to go to a Web site that looks like CNN.com. There, the [fake] site says you must update to Adobe Acrobat 10." Accepting the download delivers a Trojan to the PC instead.

"The Trojan is an 'SSL' stealer," added Curry. "It scrapes the disk and looks for traffic to and from known financial services."

Other security companies reported the campaign, and said the attack is growing very quickly. MX Logic Inc., for example, said that it had seen a major jump in attack volume Thursday.

Early Thursday, said Sam Massiello, vice president of information security at MX Logic, traffic spiked to a pace of about 80,000 messages per hour. "It peaked this morning, around 10 a.m. Mountain [Standard Time], but it dropped pretty quickly after that," said Massiello. "Now, it's holding steady at around 15,000 to 20,000 messages an hour."

Massiello noted the similarities between the newest attack and one conducted in August 2008, when MX Logic monitored more than 160 million messages in a 48-hour period. So far, the current campaign is much smaller. "It's nowhere near the volume of August," he said. "But remember, it took about three days for that attack to really ramp up."

In a posting to the MX Logic blog earlier Thursday, Massiello listed some of the subject lines that the bogus CNN messages use, including "Hamas launching rocket war after Gaza evacuation," "Hamas Goads Israel into War" and "War in Gaza: while Israel and Hamas fight."

"They're trying to look topical," said RSA's Curry.

Comments

Post new comment

Users posting comments agree to the ARN comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
The content of this field is kept private and will not be shown publicly.
Enter the fully qualified URL, eg. http://www.example.com/
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Syndicate content Syndicate content
Careerone Job Search
Job seekers Get job alerts | Post your resume online | Interview tips | Ask Kate
Advertisers Click here to advertise your jobs to thousands of job seekers monthly.
 
ARN Distributor Directory
 
Find distributors by name
Find distributors by vendor
Find distributors by location
ARN Vendor Directory
 
Find vendors by name | Find by category
ARN Community Comments
Most Commented
ARN Library


Read Material

Understanding Email Marketing: A Guide for SMBs

Email marketing is often viewed as a marketers silver bullet. If used effectively, email campaigns will provide strong results for a limited spend each and every time. Download this white paper to discover how email marketing can work for you and your business.

Subscribe to ARN

ARN has been the premier provider of information to the Australian IT channel for more than 12 years. As the only weekly publication dedicated to the channel, ARN produces timely, accurate news and analysis about IT business issues, products and services, new technology and market opportunities.
Sponsored Links