Fresh London 2012 Olympics Themed Spam Circulating; Trend Micro
Researchers from Trend Micro the security company are cautioning Internauts about one fresh spam scheme, which's using the soon to happen London 2012 Olympic Games theme for disseminating malware.
The spam mail, as if to caution the recipient, tells him not to get duped with fake organizations and websites asserting about selling tickets for being part of the audience. The given web-link will provide the tickets to residents of the European Economic Area (EEA) and United Kingdom. Tickets can be bought from the authorized sales channels for the London 2012 too starting 2011 spring. Until then, purchasers won't be requested for accepting any contract or paying any fee, the unsolicited message concludes.
Following this text, the e-mail asks the recipient for taking down one attachment listing all the websites/organizations engaged in unlawful trading of tickets.
But there's actually a malware in the attachment that Trend Micro has identified as TROJ_ARTIEF.ZIGS, which exploits the CVE-2010-3333 vulnerability resulting from the stack-based heap overflow of the Rich Text Format for planting BKDR_CYSXL.A a backdoor. BKDR_CYSXL.A creates or erases files as also turns off the contaminated computer.
While the current London Olympics-related spam campaign isn't the lone one, there indeed will emerge others. Global functions similar to the Olympics make Internet scammers execute their hideous activities and they will execute further and more aggressively once the summer games get over. Hence, Trend Micro's researchers urge Internet-users not to allow their over-keenness for the event, overshadow personal judgments.
In general, Trend Micro researchers suggest that e-mail users must routinely verify an incoming message's genuineness prior to clicking or opening any web-link or attachment inside it.
Finally, just before the above-mentioned e-mail spam, Trend Micro researchers uncovered another one during the 1st-week of April 2012. At the time, that spam involved messages cyber-criminals dispatched making them appear from the Visa payment card company, while asked recipients to participate in an actually non-existent lottery that offered tour facilities to the Olympics as prize. Earlier during 2008, the company had detected one other spam campaign that posed as a sweepstakes from the Committee of the London 2012 Olympics.
Related article: Fark.com Files Suit against Suspected Hacker from Fox13
» SPAMfighter News - 28-04-2012