Fake-CNN spam mutates as attacks continue
The massive attack that has infected PCs by tricking users into clicking links in fake messages from CNN.com shows little sign of ending soon, security researchers said Friday.
According to MX Logic Inc., spam posing as CNN.com Top 10 lists peaked at close to 11 million messages per hour early Thursday, but remained at high volumes throughout the day Friday. The Colorado security vendor said it had been tracking an average of 8 million messages per hour since midnight.
MX Logic's vice president of information security, Sam Masiello , called the trend "a very slow, but steady decline" from the 11 a.m. Mountain Time peak the day before.
Masiello also said that the spam has changed since attacks were first launched on Tuesday. "We've also seen several morphs of this spam over the past couple of days," he said in an entry posted on the MX Logic blog Friday . Where the messages once trumpeted " CNN .com Daily Top 10" in the subject heading and linked to a single filename on malware-hosting sites, now the spam sports a subject reading "CNN Alerts: My Custom Alert" and uses a variety of filenames in the malicious URL.
"This is likely in response to all of the media attention and awareness that has been brought up over the past couple of days," Masiello speculated.
Also on Friday, Websense Inc. reported that its researchers had seen the attack mutating, with the spam subject heading not only touting "CNN Alerts: My Custom Alert," but also using legitimate news stories culled from CNN to make the messages more convincing.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
malware
Powered by TwitterOn Twitter now
malware
Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers
Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal
Tom Henderson
Top Ten General Operating Systems Rants
pasmith
PS3 motion controller delayed; goes up against Project Natal
sjvn
Neolithic Windows security hole alive and well in Windows 7
claird
Perl source code comparison makes for good reading
mikelgan
Cell phones don't create stress or interrupt much
Sandra Henry-Stocker
How to: The Unix Interview
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
- Ubuntu advances: Why Ubuntu server installations will surge in 2010
- Social media marketing: How to make friends with benefits
- More...
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
I read of this a few days
I read of this a few days ago and had one in my junk mail folder. Today I received three that are from cnn.com and are cnn alerts: My Custom alert. I know I didn't sign up for them and hope others read about this before they click on them. I found this site from a google search on cnn and will ad to my bookmarks. I found your article interesting and this is my first time to this site. Hovering over the links shows before the cnn http://cineus.ru . I hope someone squashes this soon.Jack
I saw this e-mail in my
I saw this e-mail in my Incredimail spam folder though I subscribe to CNN e-mails. I clicked on the link and tried installing the activex, although it didn't seem like an Abobe standard install. Eset Smart Security deleted the file immediately. This happened last week.I am getting bombarded by
I am getting bombarded by these CNN Alerts. I have been marking them and their predecessors, Daily Top Ten as Junk but oddly Thunderbird for some reason doesn't recognise them as such so my Inbox is getting full of them.