Geo-located malware appears over the horizon
Dirty bomb ruse used to punt worm
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
Malware authors have incorporated technology designed to find the geographic location of prospective marks as a tactic to enable more convincing social engineering scams.
A new variant of the Waledac worm uses an email message claiming a "dirty bomb" explosion in order to tempt the gullible into visiting a maliciously-constructed website posing as the homepage of news agency Reuters. This website uses a GEO-IP lookup to customise the story so as to appear that the explosion appeared in a city or location near the surfer viewing it.
Punters are encouraged to view a video supposedly related to the shocking news of a nearby radioactive bomb explosion. When users click on the video they are prompted to download the latest version of "Flash Player". But the software on offer turns out to be nothing to do with Adobe, instead coming loaded with the latest variant of the Waledac worm.
Write-ups of this geo-targeted malware attack, currently doing the rounds, can be found in security blogs run by Websense (here) and Sophos (here). ®
COMMENTS
geo ip lookup
if that is the same as the girls who pop up on the adds who want my hot body then they are all in Edinburgh when i am in Oxford
That will be fun here...
All our web activity is passed via a proxy server in another part of europe. I'll be ignoring any explosions in Holland from now on.
Pain in the arse when some site tries to filter on location. like the BBC.
GEOlookup
If I got that email from most of my UK ISPs I would have a quick chuckle about the fact that Slough or Cheltenham had just gone up and then carry on safe in the knowledge that I am a good 300 miles from them.
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
