Ravens PHP Scripts

MSNBC.com *BREAKING NEWS* Alert Update - Fake Celebrity News
Date: Wednesday, September 03, 2008 @ 16:50:54 PDT
Topic: Security: Websense


WebsenseŽ Security Labs(TM) ThreatSeeker(TM) Network has discovered a new replica wave of fake celebrity news being sent out via spam emails. Similar to previous attacks related to 'MSNBC.com Breaking News ' and 'Bogus CNN Custom Alerts ', these emails contain links to a malicious Web page on a compromised site, that is designed to encourage users to download a malicious application posing as a video codec. This malicious Web page also holds Iframes leading to an exploit site.

Over the last few days, the ThreatSeeker Network has seen huge volumes of spam wrapped up in CNN and MSNBC themed templates. Recently, email alerts listing different popular events and news articles also encouraged users to download a video codec, which was actually a malicious file.

The malicious payload is only accessed when the user clicks on! the 'READ FULL STORY' link, which takes them to a Web page on a compromised site named index97.html, which issues a pop-up encouraging users to download a 'missing' video codec, a file called video98.exe.

Here are a few examples of the varied subjects we have seen in this campaign:

Sensational news. Check the message. Breaking news! Be the first to know. Very important news. Astonishing Please take a look. Sensational information inside. Check this out. This is a bomb This is really great news. Please check.

Websense Messaging and Websense Web Security customers are protected against this attack.

To view the details of this alert Click here








This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3437