Fake BBC site infects computers with keylogger trojan

By

Criminals are using real stories from the BBC news website in a ploy to infect computers via the latest flaw in Internet Explorer (IE).

Hackers are using the IE flaw to infect users and turn machines in zombie computers. An alert issued by researchers at Websense Security Labs warned users that attackers have begun sending spam in an attempt to attract users to infected websites.


These emails contain excerpts from actual BBC news stories and offer a link to "Read More." Users who follow this link are taken to a website that is a spoofed copy of the BBC news story from the e-mail.

This website exploits the unpatched createTextRange vulnerability in Internet Explorer and is currently being used to download and install a keylogger. This keylogger monitors activity on various financial websites and uploads captured information back to the attacker.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Log In

  |  Forgot your password?