Wubi

NYC Traffic Ticket spam is really Blackhole malware attack


NYC Traffic Ticket spam is really Blackhole malware attack | Naked Security

by Graham Cluley on July 25, 2012


Don't be too quick to believe that the New York State police are charging you with a traffic offence - that email you just opened in your inbox could actually be an attempt to infect your computer.

The team at SophosLabs have been intercepting a malicious spam campaign today which tries to trick the recipient into believing that they were caught speeding.

Here's what a typical email used in the attack looks like:


Subject: NYC Traffic Ticket [id number]

Message body:

New York State * Department of Motor Vehicles

UNIFORM TRAFFIC TICKET

NEW YORK STATE POLICE * POLICE AGENCY

Local Police Code

THE PERSON DESCRIBED ABOVE IS CHARGED AS FOLLOWS

Time: 7:18 AM

Date of Offense: 09/12/2011

IN VIOLATION OF

NYS V AND T LAW DESCRIPTION OF VIOLATION:

SPEED OVER 55 ZONE

TO PLEAD, PRINT CLICK HERE AND FILL OUT THE FORM

Of course, if you have your head on straight you might ask yourself how the New York police could possibly have your email address (or at least how they would have connected it to your car). Or you might realise that the message is clearly spam as you weren't anywhere near New York on the day in question.

But plenty of people won't have their head on straight, and - in their fluster - might click on the link without thinking. That's what the cybercriminals are banking on.

Malware authors have used a very similar disguise in the past, tricking users into opening a dangerous attachment.

On this occasion, however, there is no attachment. Instead, a link takes users to a website playing host to the Blackhole exploit kit - within seconds visiting computers can be infected via Adobe Flash and PDF exploits, detected by Sophos products as Troj/SWFExp-AI and Troj/PDFEx-GD.

We've certainly seen lots of attacks involving the Blackhole exploit kit lately, including rejected wire transfer notifications and fake Facebook photo tag notifications.

Keep your anti-virus software up-to-date, your operating system and applications patched, and - essentially - your wits about you.

Hat-tip: Thanks to SophosLabs researcher Przemek Miozga for his assistance with this article.

Source: NYC Traffic Ticket spam is really Blackhole malware attack | Naked Security
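A mail-triage check for the lure described in the article, as an added example that is not from the original article or from Sophos. It looks for the quoted subject line and body phrases, the absence of an attachment, and a link that leaves official hosts; the `.gov` suffix rule, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

SUBJECT_RE = re.compile(r"^\s*NYC Traffic Ticket\b", re.I)  # subject from the article
BODY_MARKERS = ("UNIFORM TRAFFIC TICKET", "SPEED OVER 55 ZONE")  # lure phrases
OFFICIAL_SUFFIX = ".gov"  # assumption: a genuine notice links to a .gov host

SAMPLE_LURE = (  # constructed sample message, not a captured one
    "From: notice@example.invalid\n"
    "Subject: NYC Traffic Ticket 48213\n"
    "Content-Type: text/html; charset=utf-8\n\n"
    "<p>UNIFORM TRAFFIC TICKET</p><p>TO PLEAD, PRINT "
    '<a href="http://landing.example.invalid/form">CLICK HERE</a></p>\n'
)

class _Links(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def traits(raw):
    """Return the lure traits present in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("html", "plain"))
    text = part.get_content() if part else ""
    links = _Links()
    links.feed(text)
    hosts = [urlsplit(h).hostname or "" for h in links.hrefs]
    found = []
    if SUBJECT_RE.search(msg["Subject"] or ""):
        found.append("subject")
    if any(m in text.upper() for m in BODY_MARKERS):
        found.append("body-text")
    if not list(msg.iter_attachments()):
        found.append("no-attachment")  # this campaign used a link, not a file
    if any(not h.endswith(OFFICIAL_SUFFIX) for h in hosts):
        found.append("non-gov-link")
    return found

def is_ticket_lure(raw):
    """Flag mail that looks like the ticket notice and links off .gov."""
    t = traits(raw)
    return "non-gov-link" in t and ("subject" in t or "body-text" in t)
```

Calling `is_ticket_lure(SAMPLE_LURE)` returns `True`; the `no-attachment` trait alone is common in ordinary mail and is only reported as context.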
