Malware delivered in parking ticket scam

Powered by SC Magazine
 

Trojans are being distributed through a real-life scam involving fake parking tickets.

Trojans are being distributed through a real-life scam involving fake parking tickets.

 

The Internet Storm Center has reported on a case in the US state of North Dakota where yellow fliers are put on cars that claim a parking offence has been committed. The fliers give the address of a website that is supposed to have pictures of the driver's supposed violation.

 

However, in order to see the pictures, the site instructs you to download a toolbar named PictureSearchToolbar.exe, by doing this you download the Vundo, or Monder, Trojan.

 

SANS analyst Lenny Zeltser said: “I had the opportunity to examine malware whose initial infection vector was a car windshield flier with a website address. The malicious programs were run-of-the-mill; however, the use of fliers was an innovative way of social-engineering potential victims into visiting a malicious website.

 

“The initial program installed itself as a browser helper object for Internet Explorer that downloaded a component from childhe.com and attempted to trick the victim into installing a fake anti-virus scanner from bestantispyware securityscan.com and protectionsoft warecheck.com.

 

“Attackers continue to come up with creative ways of tricking potential victims into installing malicious software. Merging physical and virtual worlds via objects that point to websites is one way to do this. I imagine we'll be seeing such approaches more often.”

See original article on scmagazineus.com

Copyright © SC Magazine, US edition


Malware delivered in parking ticket scam
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1776

Vote
Do you support the abolition of the Office of the Information Commissioner?