Slashdot Mirror


Faux-CNN Spam Blitz Delivers Malicious Flash

CWmike writes "More than a thousand hacked Web sites are serving up fake Flash Player software to users duped into clicking on links in mail that's part of a massive spam attack masquerading as CNN.com news notifications, security researchers said today. The bogus messages, which claim to be from the CNN.com news Web site, include links to what are supposedly the day's Top 10 news stories and Top 10 news video clips from the cable network. Clicking on any of those links, however, brings up a dialog that says an incorrect version of Flash Player has been detected and that tells users they needed to update to a fake newer edition, which delivers a Trojan horse — identified by multiple names, including Cbeplay.a — that 'phones home' to a malicious server to grab and install additional malware."

3 of 213 comments (clear)

  1. WINDOWS ONLY. by Anonymous Coward · · Score: -1, Troll

    Of course, if you are smart enough not to run Microsoft Windows, this doesn't affect you...

    Here's a nickel, kid. Go get yourself a *real* operating system...

    1. Re:WINDOWS ONLY. by computersareevil · · Score: -1, Troll

      Of course you can also run Windows and avoid doing unsafe, stupid things.

      Um, running Windows is unsafe and stupid.

  2. I'm on a Mac! by objekt · · Score: -1, Troll

    You insensitive...er, umm...yeah, I'm alright.

    And a big "Ha-ha!" to windoze users.

    --
    -- Boycott Shell