Lin’s Worldwide Fame Results in Targeted Malware Assaults
According to Trend Micro, malware attackers are exploiting the enormous worldwide fame of basketball player Jeremy Lin as bait to dupe e-mail users in a malicious e-mail campaign called LURID.
The e-mails promote the sportsman's story and carry a Microsoft Word file named "The incredible story of Jeremy Lin the NBA new superstar.com," which Trend Micro identified as TROJ_ARTIEF.LN and found spreading since February 16, 2012. The Trojan abuses the security flaw CVE-2010-3333 in Microsoft Office so that malware may be installed onto the infected PC. Trend Micro identified this installed malware as BKDR_MECIV.LN. Once the exploit succeeds, a sanitized document opens so that the affected user does not suspect anything malicious.
Trend Micro's researchers said that once the malicious component became active, it transmitted data to its remote command-and-control (C&C) server. The data included the operating system edition, the MAC and IP addresses, and the language configuration, as well as a campaign code, which facilitated the cyber-crooks' tracking of the attacks.
Moreover, the LURID e-mail spam chiefly targeted Internet users in Central Asia and Eastern Europe, including the countries of the former Soviet Union.
The researchers further said that the code for the e-mail campaign was called 0dayfeb03.exe and that it was embedded on February 3, 2012, many days before the malicious spam mail was dispatched. Even with the "0day" label, the CVE-2010-3333 vulnerability abused in the attack is an older, dependable exploit.
Additionally, the attacks show that even widely known scams are likely to remain active over extended periods. The perpetrators use a common piece of malware with diverse variants and persistently launch fresh attacks on their targets. Meanwhile, they continuously take advantage of breaking news events as bait to get potential victims to run harmful e-mail attachments.
Also according to the researchers, cyber-crooks exploit the fame of celebrities such as Whitney Houston, who died some time ago, or launch BlackHat SEO attacks along with other scams based on current topics to disseminate malware.
Maarten Van Horenbeeck's example is noteworthy here. During 2008, Horenbeeck recorded a series of targeted malware attacks that used the Enfal Trojan against US government organizations, their employees, defense contractors, and NGOs.
» SPAMfighter News - 08-03-2012