Original URL: http://www.theregister.co.uk/2011/03/23/japan_blackout_malware_scam/
Fake Japan blackout alerts cloak Flash malware
Scumbags continue to batten on human misery
Posted in Security, 23rd March 2011 11:17 GMT
Watch Now : Virtual Machine Movement with Hyper-V
Scumbags are taking advantage of the desperate situation in Japan by distributing malware that poses as information about a rolling electricity blackout programme.
Malicious emails contain infected Excel attachments hosting a Flash exploit ultimately designed to drop a malicious executable on compromised Windows PCs.
The emergence of an attack serves as a reminder of the need to update Adobe Flash, using a patch [1] released earlier this week. A detailed run-down of the attack can be found in a blog post by Finnish anti-virus firm F-Secure here [2].
Pondlife scammers have deployed just about every scam ruse imaginable in the wake of the crisis that has blighted Japan since 11 March. Previous attacks have included 419 scams [3], fake donation sites, scareware baiting using search engine manipulation and more.
Chris Boyd on GFI Labs has compiled a useful list of tips for avoiding this seemingly never-ending list of scams here [4]. ®