Faux-CNN Spam Blitz Delivers Malicious Flash 213
CWmike writes "More than a thousand hacked Web sites are serving up fake Flash Player software to users duped into clicking on links in mail that's part of a massive spam attack masquerading as CNN.com news notifications, security researchers said today. The bogus messages, which claim to be from the CNN.com news Web site, include links to what are supposedly the day's Top 10 news stories and Top 10 news video clips from the cable network. Clicking on any of those links, however, brings up a dialog that says an incorrect version of Flash Player has been detected and that tells users they needed to update to a fake newer edition, which delivers a Trojan horse — identified by multiple names, including Cbeplay.a — that 'phones home' to a malicious server to grab and install additional malware."
IE7 Scam (Score:5, Funny)
There is another similar one pushing 'IE 7 is now available for download' from 'Microsoft'.
ya.. right...
Re:Ahhh, that explains it (Score:1, Funny)
1995 called, they asked if "for(;;)alert("ha ha");" still f**ks current browsers for the average user?
What, no CNN link? (Score:4, Funny)
I can see the headline now: "We're not spamming you (really)"
Sourceforge harvested, gmail bounced it (Score:4, Funny)
This spam helped me find a bug in my procmail recipe - this was sent to my Sourceforge email address (never had spam there before), and was forwarded on to Google which bounced it as an illegal attachment. Kudos to Google for being on the ball.
The 1,200 recursive bounce messages that ensued were no-one's fault but my own. :)
Re:snooze (Score:3, Funny)
Mac OS X.
Running on an iPhone.
A non-3G iPhone.
Re:What, no CNN link? (Score:1, Funny)
Linux Sux (Score:5, Funny)
How am I supposed to see the CNN videos if they don't make a linux version? Linux sux, I'm going back to windows.
Re:Faux-CNN Spam Blitz Delivers Malicious Flash? (Score:5, Funny)
Pleas God, no. Nobody wants Wolf flashing us.
Re:Ahhh, that explains it (Score:3, Funny)
Ugggh! (Score:3, Funny)