Fake Tickets Lead To Real Infection
Virus builders are getting smarter. How about a fake parking ticket as the start of the trail to your machine getting infected?
Several days ago, yellow fliers were placed on cars in Grand Forks, North Dakota that said:
Heading along to the website, you'd see lots of pictures of cars, cunningly Photoshopped to remove license plates, so you couldn't be completely sure it wasn't yours. But it had a handy picture search toolbar to check. The toolbar actually downloaded a DLL into Windows, sent off a message to a "suspect" website and deleted the toolbar.
However, when the system was reset, the DLL hid as a browser object, and when it knows there's a connection there, it sends a little flag back to say it's working, and gets passed back another nasty DLL.
Now it had control where it wanted it, and it'd wait for a bit while you trawl the web. At a random moment, it would pop up a warning saying that you were infected. The upcoming re-direct would also tell you tales of how riddled with viruses you were and would you like to download a real anti-virus checker?
And of course, as soon as they've got a program on your machine, rather than a DLL, you're history.
While this has to be the most elaborate way of setting up a hit, you've got to admire the way it appears.
Two guys can cover a parking lot in fliers in ten minutes or so. Each owner frets and some might check the website. A few of those will get the "free anti-virus" and then those machines can be made into Zombies, Spambots or anything they want. Even with 1% pickup, that's a lot of computers, and all they're doing is playing on the same paranoia that people already have against viruses, while you do all the work for them.
Now it's been bust open though, what will be next? Anyone with access to a supermarket till system could send a similar message to thousands of potential victims.
Source: Waxy.org [http://waxy.org/]
Permalink
Virus builders are getting smarter. How about a fake parking ticket as the start of the trail to your machine getting infected?
Several days ago, yellow fliers were placed on cars in Grand Forks, North Dakota that said:
Odd, but certainly within the realm of possibility.
Heading along to the website, you'd see lots of pictures of cars, cunningly Photoshopped to remove license plates, so you couldn't be completely sure it wasn't yours. But it had a handy picture search toolbar to check. The toolbar actually downloaded a DLL into Windows, sent off a message to a "suspect" website and deleted the toolbar.
However, when the system was reset, the DLL hid as a browser object, and when it knows there's a connection there, it sends a little flag back to say it's working, and gets passed back another nasty DLL.
Now it had control where it wanted it, and it'd wait for a bit while you trawl the web. At a random moment, it would pop up a warning saying that you were infected. The upcoming re-direct would also tell you tales of how riddled with viruses you were and would you like to download a real anti-virus checker?
And of course, as soon as they've got a program on your machine, rather than a DLL, you're history.
While this has to be the most elaborate way of setting up a hit, you've got to admire the way it appears.
Two guys can cover a parking lot in fliers in ten minutes or so. Each owner frets and some might check the website. A few of those will get the "free anti-virus" and then those machines can be made into Zombies, Spambots or anything they want. Even with 1% pickup, that's a lot of computers, and all they're doing is playing on the same paranoia that people already have against viruses, while you do all the work for them.
Now it's been bust open though, what will be next? Anyone with access to a supermarket till system could send a similar message to thousands of potential victims.
Source: Waxy.org [http://waxy.org/]
Permalink
