Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43434
  • Total Topics: 16528
  • Online today: 3114
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 2
Guests: 3044
Total: 3046









Author Topic: Do Not Pass Go: Malware Taps Phony 'Monopoly' (monopoly.exe, monopoly2009.com)  (Read 6655 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Unsolicited invitation to play an online version of the popular board game can turn your computer into a spam-spewing zombie.

This time, hackers are luring unsuspecting users with an invitation to play an online game of Monopoly. But there's no Boardwalk or Park Place -- just a Trojan that, if activated, will turn your PC or mobile device into a spam distribution center.

The discovery was made Monday by members of McAfee's MX Logic security software team: http://go.internet.com/?id=474X1101&url=http%3A%2F%2Fwww.mxlogic.com%2Fitsecurityblog%2F1%2F2009%2F09%2FWant-to-Play-Monopoly--Spammers-Dont-Play-Fair.cfm

This so-called social engineering tactic isn't new, however, though it's fairly well done and conceived, according to Sam Masiello, MX Logic's director of threat management.

"If the recipient follows the link to the monopoly2009.com Web site, they are greeted with a Web page that actually looks fairly well done advertising the Monopoly 'game' and encouraging the user to download using several links dispersed throughout the page after giving a brief history of the game and providing some fun facts," Masiello wrote on the security team's blog: http://go.internet.com/?id=474X1101&url=http%3A%2F%2Fwww.mxlogic.com%2Fitsecurityblog%2F1%2F2009%2F09%2FWant-to-Play-Monopoly--Spammers-Dont-Play-Fair.cfm

The malware isn't installed on the user's machine by visiting the Web page. But if a user downloads and installs the monopoly.exe file it offers, a Trojan is activated on the computer or mobile device. The virus then connects with another computer behind the scenes to download a second piece of malware that activates the spamming application.

Masiello wrote that the faux Web site includes some features designed to trick people into installing the malware, including a hit counter at the bottom of the page that fabricates how many people are playing online right now and how many people have visited the site.

Security software experts say social engineering and event-related come-ons -- such as the death of a celebrity or breaking news story -- have become all the rage with hackers in recent months and advise users to think twice before downloading any unsolicited applications no matter how intriguing they appear to be.

(InternetNews)

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023