Blog for hpHosts, and whatever else I feel like writing about ....

Monday, 23 July 2012

Alert: Olympics 2012 malware

Criminals are very predictable:

1. Disaster occurs
2. Serve malware by exploiting [1]

1. News occurs
2. Serve malware by exploiting [1]

1. Someone dies
2. Serve malware by exploiting [1]

As usual, they're also predictable in how they do it:

1. Drive-bys
2. Exploits
3. Phishing
4. Social engineering

In this case, it's all about the Olympics (don't see why everyone is so fussed about it personally, never have), and right on schedule, the criminals have rallied to exploit it:

The Opening Ceremony of the 2012 Olympic Games is exactly 1 week away and Websense Security Labs researchers are already seeing data-stealing malware that aims to capitalize on the Games. Malware piggybacks on the buzz surrounding current, high profile events like the Olympics in order to steal personal data. Olympics-themed content armed with malware is introduced mainly through social engineering-based attacks. The cyber criminals behind the themed attacks know that they have a better chance of enticing potential victims by appearing current and relevant to a hot topic. That gets clicks, and the chance to spread their data-stealing creations further.

We have been following with interest an advisory released by the Polish Computing Emerging Response Team (CERT) which analyzed an interesting sample of data-stealing malware. This malware, once executed, has the ability to interact with social channels like Facebook, Skype, and Microsoft Live Messenger. This particular variant spreads malicious URLs through those channels and the victim's contact list. To be precise, it employs a socially engineered attack accompanied by a malicious URL that ultimately leads to a malware file that is part of a bot network. Since the sample analyzed has tried to take advantage of the buzz around the start of this year's Olympic Games, we decided it was timely to write this blog post.

Read more
