A New Internet Attack: Parking Tickets
Trojan-pushing parking tickets? Yes, really. The Internet Storm Center, which tracks Internet attacks and threats, documented a case in Grand Forks, North Dakota where someone put yellow fliers on cars that claimed to ticket a parking violation. The fliers named a Web site that purportedly had pictures of your supposed violation.
To see the pictures, according to additional commentary from the McAfee Avert Labs, the site instructs you to download a toolbar named PictureSearchToolbar.exe. Do so, and you end up with a Trojan. That Trojan, called Vundo by Symantec and McAfee and Monder by Kapsersky (according to a Threat Expert report linked by the ISC), displays false infection warning pop-ups that market a fake antivirus product called "Antivirus 360."
I knew that pushing rogue antivirus was becoming a more popular tactic for crooks, who get a cut of the purchase price via shady affiliate marketing deals, but I had no idea the potential profits could justify the time and expense of physically distributing fake parking tickets. Then again, maybe it doesn't: Many Internet crooks aren't exactly known for their excessive brain power.
The ISC post from Lenny Zeltser has more details on the discovery, including some digital sleuthing about the model of the camera used for pictures on the Web site. And keep an eye out for an upcoming PC World story that delves into rogue antivirus, including how to tell a harmless browser-based social engineering attempt from one that can indicate a malware infection like the one described here.
» posted by ITworld staff
PC World
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
