Trojans are being distributed through a real-life scam involving fake parking tickets.
The Internet Storm Center has reported on a case in the US state of North Dakota where yellow fliers are put on cars that claim a parking offence has been committed. The fliers give the address of a website that is supposed to have pictures of the driver's supposed violation.
However, in order to see the pictures, the site instructs you to download a toolbar named PictureSearchToolbar.exe, by doing this you download the Vundo, or Monder, Trojan.
SANS analyst Lenny Zeltser said: “I had the opportunity to examine malware whose initial infection vector was a car windshield flier with a website address. The malicious programs were run-of-the-mill; however, the use of fliers was an innovative way of social-engineering potential victims into visiting a malicious website.
“The initial program installed itself as a browser helper object for Internet Explorer that downloaded a component from childhe.com and attempted to trick the victim into installing a fake anti-virus scanner from bestantispyware securityscan.com and protectionsoft warecheck.com.
“Attackers continue to come up with creative ways of tricking potential victims into installing malicious software. Merging physical and virtual worlds via objects that point to websites is one way to do this. I imagine we'll be seeing such approaches more often.”See original article on scmagazineus.com
Copyright © SC Magazine, US edition
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.