Thursday, August 14, 2008

Bogus 'msnbc.com - BREAKING NEWS' Alerts

Websense® Security Labs™ ThreatSeeker™ Network has discovered a new replica wave of 'msnbc.com - BREAKING NEWS' alerts that are being sent out via spam emails. Similar to previous attacks related to 'Bogus CNN Custom Alerts', these emails contain links to a legitimate news page, but are designed to encourage users to download a malicious application posing as a video codec.

The malicious payload is only accessed when the user clicks on the ‘breakingnews.msnbc.com’ link, which takes users to a Web page named up.html. This page issues a pop-up encouraging users to download a ‘missing’ video codec, a file called adobe_flash.exe.


Here are some examples of the varied subjects used in this campaign:
msnbc.com - BREAKING NEWS: Arsenal buys Ronaldo from Man Utd
msnbc.com - BREAKING NEWS: Copycat murderer beheads woman on Greyhound bus
msnbc.com - BREAKING NEWS: Too much freedom will destroy America
msnbc.com - BREAKING NEWS: Mary-Kate Olsen responsible for Heath Ledger's death
msnbc.com - BREAKING NEWS: Stupid Asians lose lawsuits against Americans
msnbc.com - BREAKING NEWS: West Nile virus spreads in Europe

No comments: