Geo-located malware appears over the horizon
Dirty bomb ruse used to punt worm
Malware authors have incorporated technology designed to find the geographic location of prospective marks as a tactic to enable more convincing social engineering scams.
A new variant of the Waledac worm uses an email message claiming a "dirty bomb" explosion in order to tempt the gullible into visiting a maliciously-constructed website posing as the homepage of news agency Reuters. This website uses a GEO-IP lookup to customise the story so as to appear that the explosion appeared in a city or location near the surfer viewing it.
Punters are encouraged to view a video supposedly related to the shocking news of a nearby radioactive bomb explosion. When users click on the video they are prompted to download the latest version of "Flash Player". But the software on offer turns out to be nothing to do with Adobe, instead coming loaded with the latest variant of the Waledac worm.
geo ip lookup
if that is the same as the girls who pop up on the adds who want my hot body then they are all in Edinburgh when i am in Oxford
That will be fun here...
All our web activity is passed via a proxy server in another part of europe. I'll be ignoring any explosions in Holland from now on.
Pain in the arse when some site tries to filter on location. like the BBC.
If I got that email from most of my UK ISPs I would have a quick chuckle about the fact that Slough or Cheltenham had just gone up and then carry on safe in the knowledge that I am a good 300 miles from them.