September 20, 2013
Malware writers have launched two new attention-grabbing campaigns in the last few weeks, both of which are aimed at spreading computer viruses to the unlucky people who don’t recognise the signs of a malware decoy.
One of the methods appeals to a certain audience’s sense of hopefulness, offering a leaked version of the new Grand Theft Auto computer game, while the other appeals to people’s morbid curiosity, claiming to contain a news story about the US bombing Syria.
Whether the fictional subjects are good news for gamers or bad news for anti-war campaigners, the malware writers only want your attention long enough to infect your computer.
The two methods combine their differing messages with different technologies to spread their payloads, ensuring that the most suitable audience carries out the required actions to allow the malware to infect their systems.
Grand Theft Auto V Torrent
The GTA malware is hidden within a torrent file claiming to contain a PC version of what will almost certainly be the world’s most popular computer game: Grand Theft Auto V.
The torrent – a type of file used by file-sharers to help send large documents over the internet – is interesting to potential downloaders for two reasons, both of which could prove too tempting for even a sensible internet user.
The first is that it’s a free (if illegal) version of the world’s most anticipated game. The second is that the file is labeled as a PC version – despite no such version of the game having been created (the game has been released for Xbox and PlayStation). This should be a huge warning for downloaders that it’s not a real version, but for some, desperation to play the game could override their senses.
In fact, the file itself is actually a computer game called The Cave, which is used to make the file’s download size look realistic. Once downloaded, users are asked to send a text message to unlock the file. This message actually signs the user up for a premium service that charges a daily fee until it is cancelled. Once the file has been unlocked, a trojan is installed, which any good antivirus can remove.
It’s pretty annoying all round.
CNN Syria Bombings
This malware claims to provide information about the US bombing Syria, and is spread via email, pretending to originate from reputable news organisation CNN. Infection comes from clicking a link in the story, which uses security holes in older versions of the Adobe Reader and Java software to install malware on the victim’s computer.
While computers with fully updated software should be fine, it’s important to try to avoid these emails altogether.
Look out for bad English in the subject line, which should be a giveaway that the author wasn’t, in fact, from the highly grammar-conscious CNN.
Norman Safeground Blogs Archive