In what is being called a sophisticated attack, hackers sent out spam email to users with links to what looked like CNN.com news feeds. When users went to the site and clicked on the news “stories”, they got a message saying their Flash player was incorrectly installed. While some savvy users decided to click “cancel”, the clever hackers broke their will by trapping them in an endless loop. Clicking “cancel” would yield a warning that the site would not display without the update, and clicking through the warning would bring the original message back up.
When users accepted the update, they instead got a piece of malware, which phones home to a central server that installs loads more malware. Over 140 million bogus emails were sent in the last 2 days. Also, over 1,000 pages had been hacked to be used to display the links. MX Logic Inc., a Denver-based security company, helped to discover the attack and is investigating its origins.
MX Logic stated on its corporate website that over the past few weeks it has been seeing more single-line spam, meaning an email that contains a brief bait based on fake news headlines such as “US track team disqualified from Olympics” or “Beijing Olympics postponed indefinitely”, followed by a link. Once the user is hooked, the email links to a “video codec” download said to be needed to view the video, when in fact it is malware.