Malware Spreading Via ... Windshield Fliers?
wiedzmin writes "Another interesting article published by the SANS ISC Handler's Diary is describing a very unusual vector for malware distribution — windshield fliers and fake parking tickets. A website URL provided for "disputing a ticket" actually leads to a malicious website, and a "toolbar" required to find the photo of your violation is, you guessed it, a trojan posing as a fake antivirus. The best part is — according to the VirusTotal report, it doesn't look like most antiviruses have signatures for this one yet."
After all, do you know what a parking ticket looks like in your city, to be able to distinguish between a real one and a fake? I would suspect that most people who recognize the real thing either wouldn't bother to try to contest one, or don't do anything about them anyways. But for the larger portion of a city's population who has not been ticketed, they could well have a hard time telling a fake from the real thing.
And then you add in people who are from out of town, who would much rather not have to go back to your city to deal with a ticket...
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Agreed, I could've fallen for this myself. I got a ticket about a year ago in a city I didn't live in, and lo and behold, it had a website on it for paying online. Ticket looked official, but on second thought, I couldn't be sure, having never seen one from that city before. I blindly typed in the URL... I'd like to believe I would have picked off a phishing scam, but still, I took the first step.
Imagine for a moment a world without hypothetical situations...
1. You are parked legally
2. Everybody else has these "tickets"
I've gotten tickets when I was parked legally and successfully contested them. All the other cars on the block were also incorrectly ticketed at the same time - apparently a cop misunderstood the parking rules, or didn't know how to operate a watch.
Furthermore, given the city's trend of contracting out ticketing, the fact that the URL pointed to some third-party website and not a subdomain of the city or county sites wouldn't have set off any red flags either (although one hosted in the Czech Republic would :). The red-light tickets we get in the mail today direct you to the website of the contracted company and not to the city website.
Depends on where you target your fliers. Put 'em around city hall, and you may be able to get some schmuck to compromise their internal network. Or a bank, or a big company, etc, etc.
That would be the big advantage of being able to geographically target your scam.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Sure, some security testing firms have already added "leave trojaned USB sticks in the parking lot" to their list of tests.
Slap these on cars before lunch, everyone who goes out to lunch will probably check the url when they get back on their work computer.
Except in the UK, where it's a public servant with little or no training who, in some instances, actually has more power than a real police officer.
FGD 135
Now, handing out fake tickets to those obviously illegally parked could net a useful income for a while.
Someone did that for a while in Madison, WI:
http://www.madison.com/tct/news/stories/302436
His trial begins on the 19th.