Phony Erin Andrews video spreads malware
Monday, July 20, 2009
Cybercriminals are exploiting curious voyeurs hoping to watch a video purporting to show hidden "peephole video" camera footage of ESPN reporter Erin Andrews by hosting malicious web pages that contain Trojan malware, according to web security experts at Sophos.
Andrews, a popular sideline reporter for the sports cable network, was reportedly videotaped nude in a hotel room by a voyeur who posted the video on YouTube. The video has since been removed from the site.
Graham Cluley, senior technology consultant at Sophos, reported on his blog that websites spoofing CNN and other sites claiming to host the video are cropping up, which ask visitors to download a video player that is actually malware that can infect the user's PC or Mac.
Mac users who download the phony video player would be infected by the Trojan OSX/Jahlav-C while Windows users would download either the Trojan Mal/EncPk-IF or a fake antivirus program, Mal/FakeAV-AY, Cluley reported.
Cluley said hackers are increasingly setting up malicious sites that can determine if users are visiting from a Mac or PC "and serve up the right flavor of malware accordingly."
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
