Worm Steals CNN Headlines To Stay Timely, Fool Users - InformationWeek
IoT
IoT
News
News
1/21/2005
12:50 PM
50%
50%
RELATED EVENTS
Dun & Bradstreet CAO Discusses Her Roll & The Skills Needed to Do the Job
Jul 26, 2017
LWhat does a chief analytics officer do each day? To help us answer that question we welcome Dun & ...Read More>>

Worm Steals CNN Headlines To Stay Timely, Fool Users

The idea is to fool recipients into thinking that they're reading a legitimate newsletter or news brief rather than looking at a payload-carrying message about to infect their PC.

A new worm uses breaking news -- and a devious technique to keep itself up-to-date -- to dupe recipients into opening attachments, an anti-virus firm said Friday.

U.K.-based security vendor Sophos said that the Crowt.a worm grabs its subject lines, message content, and attachment names from headlines culled in real-time from CNN's Web site. The worm's subject and attachment filename constantly change to mirror the top headline on CNN.com, while the e-mail message's text is also hijacked from CNN.

The idea is to fool recipients into thinking that they're reading a legitimate newsletter or news brief rather than looking at payload-carrying message about to infect their PC.

Crowt.a also slips in a backdoor component that tries to record keystrokes and send the stolen info to the hacker, an element of many worms that are meant not only to give the attacker later access to the infected computer, but also lets them walk off with valuable passwords or bank account information.

"This latest ploy feeds on people's desire for the latest news," said Carole Theriault, a security consultant at Sophos, in a statement. "Many people subscribe to legitimate email news updates...virus writers are always looking for new tricks to entice users into running their malicious code."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll