Faux-CNN Spam Blitz Delivers Malicious Flash

Posted by samzenpus on Wednesday August 6, 2008 @11:06AM from the careful-what-you-click dept.

CWmike writes "More than a thousand hacked Web sites are serving up fake Flash Player software to users duped into clicking on links in mail that's part of a massive spam attack masquerading as CNN.com news notifications, security researchers said today. The bogus messages, which claim to be from the CNN.com news Web site, include links to what are supposedly the day's Top 10 news stories and Top 10 news video clips from the cable network. Clicking on any of those links, however, brings up a dialog that says an incorrect version of Flash Player has been detected and that tells users they needed to update to a fake newer edition, which delivers a Trojan horse — identified by multiple names, including Cbeplay.a — that 'phones home' to a malicious server to grab and install additional malware."

1 of 213 comments (clear)

Min score:

Reason:

Sort:

I got one of these by Anonymous Coward · 2008-08-06 11:09 · Score: 5, Informative

it took me quite a while to figure out why this would be effective spam.
Then I had a look a the HTML view. Quite insidious.
It provides what looks like a linkified http://www.cnn.com/xxxxxxx that actually referrs to a different url.