Malware delivered in parking ticket scam

Powered by SC Magazine
 

Trojans are being distributed through a real-life scam involving fake parking tickets.

Trojans are being distributed through a real-life scam involving fake parking tickets.

 

The Internet Storm Center has reported on a case in the US state of North Dakota where yellow fliers are put on cars that claim a parking offence has been committed. The fliers give the address of a website that is supposed to have pictures of the driver's supposed violation.

 

However, in order to see the pictures, the site instructs you to download a toolbar named PictureSearchToolbar.exe, by doing this you download the Vundo, or Monder, Trojan.

 

SANS analyst Lenny Zeltser said: “I had the opportunity to examine malware whose initial infection vector was a car windshield flier with a website address. The malicious programs were run-of-the-mill; however, the use of fliers was an innovative way of social-engineering potential victims into visiting a malicious website.

 

“The initial program installed itself as a browser helper object for Internet Explorer that downloaded a component from childhe.com and attempted to trick the victim into installing a fake anti-virus scanner from bestantispyware securityscan.com and protectionsoft warecheck.com.

 

“Attackers continue to come up with creative ways of tricking potential victims into installing malicious software. Merging physical and virtual worlds via objects that point to websites is one way to do this. I imagine we'll be seeing such approaches more often.”

See original article on scmagazineus.com

Copyright © SC Magazine, US edition


Malware delivered in parking ticket scam
 
 
 
Top Stories
Westpac interim CIO resigns
Group CIO yet to be appointed.
 
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
A call for timely reporting
[Blog post] Businesses need incentives to keep customer data secure.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  26%
 
Application integration concerns
  3%
 
Security and compliance concerns
  28%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  5%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 896

Vote