Fake News Bulletin Email Spreads Malware

Spammers and hackers have been sending out e-mail messages that look like they are coming from CNN or MSNBC as news alerts. It's easy to fall for this trick, especially if you actually have subscribed to receive news alerts via e-mail. The e-mails have included subject lines such as "CNN Alerts", "CNN.com Daily Top 10", and "Breaking News" with phony or legitimate news headlines.

According to PC World, one example includes a link that brings users to a fake CNN site, "where they are told they need to download an update to Flash Player, Adobe System Inc. 's popular Internet media player, to view a video clip from CNN."

"If users agreed to download the bogus Flash update, they were trapped in an endless loop, where clicking "Cancel" in the initial dialog produced a second pop-up. Clicking "Cancel" there returned the user to the first pop-up. The only options at that point were for users to shut down the browser or give in and install the malware."

"The bogus update -- named "adobe_flash.exe," ...is actually a Trojan horse identified by security vendors as "EncPk-DA" and "Exchanger.mn" among other names. The Trojan, in turn, "phones home" to a malicious server to grab and install more malware."

As a result of the rash of these fake e-mails, Adobe has issued the following warning: "Do not download Flash Player from a site other than Adobe.com," said David Lenoe, the company's product security program manager, in an entry on a company blog. "If you get a notice to update, it's not a bad idea to go directly to the site of the software vendor and download the update directly from the source. If the download is from an unfamiliar URL or an IP address, you should be suspicious."

Source: PC World: Fake CNN Alert Still Spreading Malware , and Fake News Bulletin Spreads Malware