SmartFeedSmartFeed          

Porsche Hangout


WELCOME - YOU ARE CURRENTLY VIEWING 419EATER AS A GUEST

By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here.

ScamWarners.com - Internet Anti-Fraud Center - now open!


 CNN fake website installing a trojan as Adobe Flash update

View next topic
View previous topic
 
Post new topicReply to topic
Author Message
bill2
Baiting Guru


Joined: 10 Sep 2006
Posts: 5496
Location: Yeah who can tell me where I am?


PostPosted: Sun Aug 10, 2008 2:55 pm Reply with quoteBack to top

Just got this from the Dutch press. Not fresh, but a short search here revealed nothing about it
Quote:
Spammers lokken internetters naar nepsite CNN
Uitgegeven: 7 augustus 2008 18:28

AMSTERDAM - Met een massale spamgolf proberen cybercriminelen argeloze internetgebruikers te verleiden om kwaadaardige software op hun pc's te installeren.
Inertia Stock

In de mail worden slachtoffers naar een nagemaakte versie van de website van de Amerikaanse nieuwszender CNN gelokt. Daarop zijn lijstjes te zien met het belangrijkste nieuws. Wie de berichten aanklikt, wordt opgeroepen een nieuwe versie van Adobes Flash Player te installeren.

Wie dan op 'Cancel' klikt, krijgt een nieuw dialoogschermpje te zien dat opnieuw aandringt op installatie. Een hernieuwde weigering leidt weer naar het eerste dialoogvenster, zodat veel internetters de 'update' uiteindelijk zullen accepteren.

Trojaans paard

In werkelijkheid gaat het echter niet om Flash, maar om een Trojaans paard - kwaadaardige software die zich voordoet als een nuttig programma. Het Trojaanse paard downloadt vervolgens meer zogenoemde malware.

Update

Adobe, fabrikant van Flash, maant gebruikers om de software alleen van de website van Adobe te downloaden. Het bedrijf wijst er op dat die maatregel niet alleen voor Flash geldt. Het is verstandig om na meldingen over updates altijd op de website van de maker te kijken en de software daar te downloaden, aldus Adobe.
(c) NU.nl/Wieland van Dijk

Short "translation":
Mass Spam messages try to get the user to a fake CNN website where they are asked to update Adobe Flash player, but can only download a trojan. After installing the just downloaded program tries to download more "nasty" programs.

Edit: I might as well give the link http://www.nu.nl/news/1691563/53/Spammers_lokken_internetters_naar_nepsite_CNN.html

Or now in English:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9112138&intsrc=news_ts_head

_________________
I don't do bling, I just do lads Evil or Very Mad
View user's profileSend private message
remmy223
Elite Baiter


Joined: 12 Jun 2006
Posts: 1734
Location: butt f*** middle of nowhwere


PostPosted: Sun Aug 10, 2008 4:37 pm Reply with quoteBack to top

bill

thanks for that as my wife has just complained she has received loads of e mails from CNN and i went directly to the web site to stop the news mails.

she and i have not clicked on any of the links
Cool

_________________
Cellphone x 356
bike shop
Mortar
you are bauitfull i will show the picture to my kid

Death man walking.
Click here to support 419Eater.com
View user's profileSend private messageSkype Name
Mr Tambourine Man
Baiting Guru


Joined: 06 Jun 2008
Posts: 3386
Location: Magic swirlin' ship


PostPosted: Sun Aug 10, 2008 5:09 pm Reply with quoteBack to top

I've had several, and deleted them. There's a mention of it on their website.
http://behindthescenes.blogs.cnn.com/

_________________

Closed lad accounts x 4
3 dead websites

is always Good when you have the zeal to be a hitwoman when you out of school,it makes you bold and reall and it makes you more high than any other of your friend.
you dont have a phone.that makes makes you joe butt. Fuck you and go find something to do man. Stop disturbing me please.
This is definitely why you will remain and die in poverty, ignorant of good things and easy acknowledgment of bad things and words. Shame on you, you wicked generation children.
i went you to no that this is not a cheld pray. i went you to get back to me
we are not scammer,we hate scammer as you do.scammer make out life harder and harder,a lot of people think we are scammer,in fact,we are not!! please trustt us
View user's profileSend private message
Rodus
Baiting Guru


Joined: 13 Dec 2006
Posts: 3685
Location: Back under the cold shower


PostPosted: Sun Aug 10, 2008 5:35 pm Reply with quoteBack to top

Article. Storm Worm again.

_________________
I will kiss you romance u,suck and penetrate u - Williams Muyeke
now am as poor as a church rat - Lou1s Mar1on
I AM FINANCIALLY DEAD RIGHT AWAY - Louis in Accra
u can keep sending money to Gomer and leave me alone - Agent Smith cracks up

Pith Helmet Lou1s Mar1on - Lagos to Accra (satellite IP) - "so, what i need to do to get out of these place?"
Sand Timer - 18 mths: Louis

starstar

The*Catb1ngo Hotel*
*My Church*

pony pony pony Nurse Nastys Audi TT Nurse Nastys Audi TT Mortar x23 Closed lad accounts
View user's profileSend private messageSend e-mailYahoo Messenger
bill2
Baiting Guru


Joined: 10 Sep 2006
Posts: 5496
Location: Yeah who can tell me where I am?


PostPosted: Sun Aug 10, 2008 5:57 pm Reply with quoteBack to top

Not handicapped by any Internet knowledge bill2 wrote:
So that's how they could setup a new attack on eater too while using other peoples (ITP)computers?

_________________
I don't do bling, I just do lads Evil or Very Mad
View user's profileSend private message
Rodus
Baiting Guru


Joined: 13 Dec 2006
Posts: 3685
Location: Back under the cold shower


PostPosted: Sun Aug 10, 2008 6:19 pm Reply with quoteBack to top

^^The storm worm botnet has change it's tactics more times then Steve Mclaren. This CNN idea is just the latest in a very long (and succesful) line of drive-by downloads. The trojan turns peoples computers, unknowingly, into part of a huge zombie network that can be used to DDOS any internet site the botherder wishes. Or, as in the case with most of the botnets nowadays, any site the person who has rented the network wishes.

_________________
I will kiss you romance u,suck and penetrate u - Williams Muyeke
now am as poor as a church rat - Lou1s Mar1on
I AM FINANCIALLY DEAD RIGHT AWAY - Louis in Accra
u can keep sending money to Gomer and leave me alone - Agent Smith cracks up

Pith Helmet Lou1s Mar1on - Lagos to Accra (satellite IP) - "so, what i need to do to get out of these place?"
Sand Timer - 18 mths: Louis

starstar

The*Catb1ngo Hotel*
*My Church*

pony pony pony Nurse Nastys Audi TT Nurse Nastys Audi TT Mortar x23 Closed lad accounts
View user's profileSend private messageSend e-mailYahoo Messenger
remmy223
Elite Baiter


Joined: 12 Jun 2006
Posts: 1734
Location: butt f*** middle of nowhwere


PostPosted: Sun Aug 10, 2008 11:29 pm Reply with quoteBack to top

facebook and myspace has been targetted

see HERE

sounds like they mean business again

_________________
Cellphone x 356
bike shop
Mortar
you are bauitfull i will show the picture to my kid

Death man walking.
Click here to support 419Eater.com
View user's profileSend private messageSkype Name
bill2
Baiting Guru


Joined: 10 Sep 2006
Posts: 5496
Location: Yeah who can tell me where I am?


PostPosted: Mon Aug 11, 2008 12:36 am Reply with quoteBack to top

I'm almost tempted to have them infect one of my (empty) laptops to see where and how they're working from it and who they are targeting this time. I don't think they'll like my connection speed though with a top of 1000 kb/s Laughing

_________________
I don't do bling, I just do lads Evil or Very Mad
View user's profileSend private message
Display posts from previous:      
Post new topicReply to topic


 Jump to:   



View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



E-Mail Header Analysis


All Content © 2003 - 419Eater.com
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT