Hackers Using Spammer’s Trick To Infect PC
Security firm Sophos has discovered a traditional trick that has usually been favored by spammers but now seems to have caught on among hackers too. The modus operandi involves an email whose message is embedded in an image inviting users to visit a website. Once you visit the website, a soft porn image is displayed and your computer may be infected with the lethal Troj/Dloadr-AMA Trojan horse. The spam is capable of bypassing strong spam filters because it contains no message text and no links. The website address displayed in the image does not respond to a click and has to be typed in manually.
The message reads as follows:
My name is Vicky Willington. I'm a college girl, newly arrived in Australia and seeking a partner for sex. A good man is what I need, someone who's serious and honest. Let me know if you're interested in meeting. Take a look at my webcam pics on my web page.
Graham Cluley, senior technology consultant at Sophos, warns that the malware attack is more interesting because it uses techniques more commonly associated with spammers. The message body contains only an image, unlike most Trojans, which are distributed in messages that are text only or text with embedded images.
The image contains random noise to get past signature-based detection, a method more common in medical and stock spam campaigns. The subject matter, too, is similar to the pretty girl campaign. In that campaign, however, text spam rather than image spam is sent, urging recipients to reply to the email instead of visiting a website.
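As an added illustration (not from Sophos or the original article), the Python sketch below shows why per-message random noise defeats a byte-exact image signature, and how a coarse perceptual hash still groups the noisy variant with the known image. The sample image data, the average-hash method and the 5-bit match threshold are assumptions chosen for the example.

```python
import hashlib
import random

SIZE, BLOCK = 32, 4   # 32x32 grayscale image, hashed on an 8x8 grid of 4x4 blocks
MATCH_BITS = 5        # assumed tolerance: at most 5 of the 64 hash bits may differ

def make_image(transpose=False):
    """Constructed sample: dark 'text' bars (30) on a light background (220)."""
    img = []
    for y in range(SIZE):
        row = []
        for x in range(SIZE):
            by, bx = (x // BLOCK, y // BLOCK) if transpose else (y // BLOCK, x // BLOCK)
            row.append(30 if by % 2 == 1 and 1 <= bx <= 6 else 220)
        img.append(row)
    return img

def add_noise(img, pixels=40, seed=1):
    """Copy img and nudge `pixels` random pixels by a nonzero amount up to +/-20."""
    rng = random.Random(seed)
    out = [row[:] for row in img]
    for pos in rng.sample(range(SIZE * SIZE), pixels):
        y, x = divmod(pos, SIZE)
        out[y][x] += rng.choice([-1, 1]) * rng.randint(1, 20)
    return out

def exact_signature(img):
    """Byte-exact signature: a single changed pixel produces a new digest."""
    return hashlib.sha256(bytes(p for row in img for p in row)).hexdigest()

def average_hash(img):
    """64-bit perceptual hash: one bit per block, set if brighter than the mean."""
    means = [sum(img[y][x] for y in range(by, by + BLOCK)
                 for x in range(bx, bx + BLOCK)) / BLOCK ** 2
             for by in range(0, SIZE, BLOCK) for bx in range(0, SIZE, BLOCK)]
    avg = sum(means) / len(means)
    return sum(1 << i for i, m in enumerate(means) if m > avg)

def hamming(a, b):
    """Number of differing bits between two hashes."""
    return bin(a ^ b).count("1")

def same_campaign(img_a, img_b):
    """Treat two images as the same campaign if their hashes nearly agree."""
    return hamming(average_hash(img_a), average_hash(img_b)) <= MATCH_BITS

if __name__ == "__main__":
    known, other = make_image(), make_image(transpose=True)
    variant = add_noise(known)
    print("exact signature match:", exact_signature(known) == exact_signature(variant))
    print("perceptual match (noisy variant):", same_campaign(known, variant))
    print("perceptual match (different image):", same_campaign(known, other))
```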
The report by experts says that this new 'malignant' trend is growing fast: email spam involving images with embedded messages has swelled from 18.2% in January this year to 35%. With images in place of text messages, spammers are able to get past powerful spam filters that rely on scanning the text of email messages.
Spam messages that carry document files such as MS Word and Portable Document Format (PDF) as attachments are also growing. The size of the email doesn't concern spammers anymore. With a large number of them being traditional cyber criminals, the primary objective is to gain access to email inboxes rather than to jam mail servers with bulk messages.
» SPAMfighter News - 05-09-2006