News
News
1/21/2005
12:50 PM
Connect Directly
RSS
E-Mail
50%
50%

Worm Steals CNN Headlines To Stay Timely, Fool Users

The idea is to fool recipients into thinking that they're reading a legitimate newsletter or news brief rather than looking at a payload-carrying message about to infect their PC.

A new worm uses breaking news -- and a devious technique to keep itself up-to-date -- to dupe recipients into opening attachments, an anti-virus firm said Friday.

U.K.-based security vendor Sophos said that the Crowt.a worm grabs its subject lines, message content, and attachment names from headlines culled in real-time from CNN's Web site. The worm's subject and attachment filename constantly change to mirror the top headline on CNN.com, while the e-mail message's text is also hijacked from CNN.

The idea is to fool recipients into thinking that they're reading a legitimate newsletter or news brief rather than looking at payload-carrying message about to infect their PC.

Crowt.a also slips in a backdoor component that tries to record keystrokes and send the stolen info to the hacker, an element of many worms that are meant not only to give the attacker later access to the infected computer, but also lets them walk off with valuable passwords or bank account information.

"This latest ploy feeds on people's desire for the latest news," said Carole Theriault, a security consultant at Sophos, in a statement. "Many people subscribe to legitimate email news updates...virus writers are always looking for new tricks to entice users into running their malicious code."

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A UBM Tech Radio episode on the changing economics of Flash storage used in data tiering -- sponsored by Dell.
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.