The mock citations left on hybrid cars in North Dakota direct parkers to a Web site that prompts them to download a toolbar that installs a Trojan onto the computer.
Elinor MillsFormer Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
In a scary online-offline Internet scam, hybrid cars in North Dakota have been tagged with fake parking citations that include a Web address hosting malicious software that drops a Trojan onto the computer.
The yellow tickets found on the cars in Grand Forks, North Dakota, read "PARKING VIOLATION This vehicle is in violation of standard parking regulations. To view pictures with information about your parking preferences, go to" and gave a Web site, according to a blog posting on the SANS Internet Storm Center site.
The site referenced shows photos of cars in parking lots in that town and prompts the visitor to download a toolbar to see purported photos of the ticketed car. Downloading the executable installs a Trojan and displays a fake security alert when the system is rebooted. The fake alert prompts the computer user to install a fake anti-virus scanner, SANS said.
"The initial program installed itself as a browser helper object (BHO) for Internet Explorer that downloaded a component from childhe.com and attempted to trick the victim into installing a fake anti-virus scanner from bestantispyware securityscan.com and protectionsoft warecheck.com," wrote SANS analyst Lenny Zeltser.