Bhutto murder used to spread malware
Print storyMalicious JavaScript pushes Trojan
Posted in Security, 28th December 2007 11:21 GMT
Free whitepaper – Server-gated cryptography
Virus writers are exploiting morbid curiosity about the assassination of former Pakistani Prime Minister Benazir Bhutto's to spread malware.
Surfers searching for video footage of the suicide attack that killed Bhutto and at least 21 others on Thursday are liable to find malware posing as video clips that attempts to trick users into running malign ActiveX controls. The malicious downloaded file is detected by Symantec as the Emcodec-Trojan.
Trend Micro reports that some of the sites that come up in Google search results using the simple search term "Benazir" feature an malicious JavaScript redirect. The malicious script downloads a Trojan which, in turn, downloads more malicious files. This malicious JavaScript is far from restricted to sites referring to Bhutto's assassination but is also "embedded in other Web sites with a broad scope of topics and interests," Trend Micro notes.
Searching for this same malicious JavaScript code URL (the malicious script) yields 4,240 results. Narrowing down the search to also include "benazir" reduces this number to 103 results.
Sites that have been possibly compromised (or that include the malicious JavaScript), including Autoworld, Vino, Dogpile, MSN and BlogSpot, Trend Micro warns. ®
Hosted security IT manager's guide
Jump start your Application Security initiatives
Securing your Apache web server with a Thawte digital certificate
Vulnerability management buyer's checklist
Email continuity
Google cloud told to encrypt itself
Buggy 'smart meters' open door to power-grid botnet
Chinese firm hits back at cyberspy claims
BlockMaster SafeStick hardware-encrypted USB drive