Bhutto’s Assassination Helped Attackers to Spread MalwareNow the big political activities too have become a source for spreading malicious malware. Assassination of Benazir Bhutto, Former Prime Minister of Pakistan, has been used to bring web surfers, searching information and video footage of the incident, to malicious websites, reported by itbusinessedge on December 28, 2007. Various websites have been taking advantage of the tragedy by alluring web users seeking information and video clip of the incident. These websites attract users to download a fake codec, which says that it contains video clip of Bhutto's assassination. This kind of malware is circulating on the Internet and attracting web users. However, these are the methods to dupe users into running malign Active X controls. Symantec has confirmed that downloaded file is an Emcodec-Trojan. The compromised websites enclosed malicious scripts inserted into the web pages that divert visitors to the 3322 domain. This domain has also been detected in other high profile attacks. In these webpages, obfuscated variants of the MS06-014 exploit are given. According to Trend Micro, some sites that appear in the Google search results are using easy search keyword like Benazir and containing malicious Javascript redirect. The download of malicious script (a Trojan) leads to the download of more harmful files. The malicious Javascript is not confined to the websites containing information of Bhutto's assassination but is also included in other websites that deal with a broad range of topics and interests, as reported by TheRegister.co.uk on December 28, 2007, Search of this malicious JavaScript code URL (the malicious script) gives 4240 results. When the search is further narrowed by including the term "benazir", it minimizes the number of found results to 103. Trend Micro warned not to open the sites of Autoworld, Vino, MSN Dogpile, and BlogSpot as they possibly contain malicious Javascript. Security analysts also said that in the past, attackers took advantage of issues that attracted significant amount of traffic on search engines, like international media events. Attackers dupe search engines by deceiving search engine's algorithm and influencing the keyword search to spread malware in order to achieve higher ranking on the search engines. Related article: Bot Operator Infects Rubbermaid Computers And Sentenced to Prison » SPAMfighter News - 1/9/2008 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
