16 March 2009
By John E. Dunn, Techworld
Criminals are trying to tricking users into downloading malware by luring them to a website that reports a hoax ?breaking news' story of a bomb explosion cleverly tailored to their location.
Picked up in different forms by the spam traps of several security vendors, the attack is able to work out the approximate location of the viewer from the visitor's IP address, serving one from a range of news localised versions of almost identical stories.
According to Sophos and Websense , an email claiming that 18 people have been killed in an explosion starts with the subject line, "Why did it happen in your city?", "Take Care!". A link leads to what appears to be a Reuters news story on the bomb, complete with video, which turns out to need a special CODEC. Downloading this, starts an infection with Waledac (identified as WaledPak-E by Sophos).
Your favorite shows are back!
Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!