CNN Top Ten Spam

New malware’d email with subject of “CNN.com Daily Top 10”, or something similar. The emails come from random users, probably nobody you would recognize. The message provides links to the ‘top 10’ CNN videos, many with ‘attractive’ titles.

But the links will send you to a page that only looks like CNN’s video site. The page is actually hosted on a compromised web site. The page name is usually ‘index2.html’. A ‘redirect’ command on that page will, after about 12 seconds, pop up a message about a ”Flash Player Update” that is required to view the videos.

And clicking on that will get your computer compromised with a downloader trojan, that will allow the attacker to download any program they want. Including spyware, password grabbers, spam mail relaying, and more.

As usual, Safe Computing works. Unsolicited emails with “attractive” content are usually not good.

And if you have a web site, you might want to check for an ‘index2.html’ file. That would mean that your site was successfully attacked with a SQL injection attack, writing pages on you web server, and putting modified content in your web pages.

That’s never good

Leave a Reply

Name and email are required. Your email address will not be published.