PDA

View Full Version : CNN Daily Top 10 of EVIL



UndeadProd
08-07-2008, 03:57 PM
I don't know about anyone else, but my e-mail is getting friggin' flooded by the latest malware scam e-mail: CNN DAILY TOP 10

I've encountered agressive spam before, but I think this one is the most intense I've ever seen. I've received it 15 times in the last 24 hours (and god knows how many times in my junk-mail folder)

Beware, it is the bastard son of a thousand spaminacs ...

Beware "CNN.com Daily Top 10" emails; actually malware


http://f3.yahoofs.com/ymg/null__10/null-897949315-1218043477_thumb.jpg?ymXJ3z_Cs47EsVRx (http://f3.yahoofs.com/ymg/null__10/null-897949315-1218043477.jpg?ymXJ3z_Ch7FfKhlx)
Thousands (possibly millions) of users are receiving what looks like an innocuous daily missive from CNN.com (it sailed right through my spam filter), offering links to the "Daily Top 10" stories and videos. Flag these emails as spam, and do not click the links inside. The links will direct you to a malware website and attempt to install dangerous software on your PC.

In Outlook and many web-based mail clients, the message will show up initially as a series of broken images. If you choose to load the images, you'll see list of 20 randomized stories and videos, most of which look completely harmless ("China tightens security following attack in west"). The use of images bypasses the automatic disabling of web links, so you won't get a security pop-up if you click on one of the links in the email; your web browser will open automatically.

If you do click one of the links you'll get an innocuous-looking CNN-branded video player and an error message with a notice "Video ActiveX Object Error. Your browser cannot play this video file." The message then prompts you to install an ActiveX Object... which, of course, is actually a Trojan horse. You can read more about the specific threat here (http://www.pctools.com/mrc/infections/id/Trojan-Downloader.Agent.EL/). (Essentially it opens a door to allow for even more malware to be installed.)

CNN is of course not affiliated with the threat. It doesn't operate the website in question and the messages are being sent from randomized email accounts, likely on infected machines. But keep this in mind if you see any emails from CNN this week, whether or not you subscribe to any of its mailing lists.

Jordan24
08-07-2008, 10:06 PM
Yeah, I got a couple of those. I actually was dumb enough to open it though. I thought it was a legit e-mail untill I read Meriyll Lynch was going under, after that I knew it was some kind of spam.

Luckly I've don't yet have a virus, who knows though?

Jim Warfield
08-07-2008, 10:20 PM
Jordan, Go stand infront of a mirror, look really long and hard, study your every detail, are you sure?
There it was!
It did it again!
See your eyebrow? It twitched all by itself!
You might have it!
Look around your place for the pod!