Malware

Internet

See all Internet

IT

See all IT

Mobile Tech

See all Mobile Tech

Security

See all Security

Technology

See all Technology

Newsletters

See all Newsletters

This Just In: Malware Mimics Breaking News Bulletin

In a clever twist on mass-mailed malware, a new worm masquerades as a CNNbreaking news bulletin complete with updated headlines to mimic the storiesappearing on CNN.com.

The content of the e-mail also comes directly from the news site. Astutee-mail users will note, however, that the bogus e-mail contains an attachment,the worm known as Crowt-A, while real CNN news bulletins have noattachments.

Innovative Use of Content

“The innovative thing about this worm is in its use of real-time, thirdparty content in the construction of the e-mail subject and text,” Ed Moyleof SecurityCurve told TechNewsWorld.

“Malware authors have historicallytried to make their attachment enticing to the recipient by using a subjectline and e-mail body that have a broad appeal. In general, the more appealingthe subject line and content, the greater the chance that a recipient willexecute the attachment.”

If executed, it displays typical worm behavior, scanning theinfected computer for contact lists and mailing itself to the foundaddresses. It may delete files from the computer, and it also contains abackdoor Trojan function, which logs keystrokes and sends a report back tothe worm author, who can then harvest passwords and other personalinformation.

Slow Spread

Anti-malware company Sophos first reported the worm and said there have onlybeen a few sightings of it.

“The content from CNN that is used isn’t particularly targeted to therecipient in question, so it’s not necessarily likely to spread quickly; inother words, the recipient may or may not be interestedin the content that the worm happens to select when it acquires theheadlines,” Moyle said.

“However, this worm shouldput the AV community on the alert that the use of third-party content in thedistribution vector is something that we’ll see more of,” he said. “Between this andSanty, worms are starting to make use of things outside their immediateenvironment to aid in spreading.”

Santy, which hit in December, used Google’s search function to find anddeface sites using phpBB, an open-source bulletin board program.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Susan B. Shor
view all
High-Risk Flaw Found in Symantec’s Software
December 22, 2005
Sony Digs Another Hole With ‘Overeager’ DRM Placement
December 7, 2005
Microsoft’s SNARF Finds Your Friends Among Tons of E-Mail
December 2, 2005
Dead Keeps Concert Sharing Alive
December 1, 2005
ICANN May Release Single-Letter Domain Names
November 29, 2005
Holographic Storage Disc Coming by End of Next Year
November 28, 2005
Web Portal Gives Patients Control of Mammogram Records
November 18, 2005
Computers Get Sober at the Holidays
November 16, 2005
Radio Makes a Comeback on Your Phone
November 15, 2005
IBM Reigns Supreme in Supercomputer Production
November 14, 2005
More in Malware
mobile app security
Mobile Security Firms Fortify Defenses as App Attacks Accelerate
February 5, 2024
tech industry trends for 2024
Rob Enderle’s Tech Forecast for 2024
December 11, 2023
scanning a QR code on a smartphone
Quishing Alert: Experts Advise Caution Before Scanning QR Codes
December 5, 2023
TV set-top box with remote control
Electronic Frontier Foundation Calls for FTC Action on Poisoned Set-Top Boxes
November 16, 2023
More Linux Malware Means More Linux Monitoring
September 15, 2023
passwordless computing
The Realities of Switching to a Passwordless Computing Future
September 5, 2023
IT Managers
Cyber Insurance Costs Rising, Coverages Shrinking: Report
August 29, 2023
computer programmers analyzing cybersecurity systems
HP Addresses Rising Security Threats Before an AI-Driven Wave of Pain
June 26, 2023
cybersecurity team in systems control room
AI ‘Hallucinations’ Can Become an Enterprise Security Nightmare
June 7, 2023
Russian hacker group
DOJ, Five Eyes Nations Unite To Dismantle Russian Cyber-Espionage Network
May 12, 2023

Why do you typically choose to use a ride-sharing service?
- select all that apply -
Loading ... Loading ...

Technewsworld Channels

Applications

Applications

Courts, Regulators Pose Threat To Apple Services Revenue in 2024

Audio/Video

Audio/Video

OpenAI’s Sora, ElevenLabs, and the End of Video Media as We Know It

Chips

Chips

GTC 2024: The Brilliant Insanity of Nvidia’s CEO and Which AI Vendors Stood Out

Computing

Computing

Nvidia Raises Ante in AI Chip Game With New Blackwell Architecture

Cybersecurity

Cybersecurity

Ransomware Gangs Targeting Backups To Maximize Payoffs

Data Management

Data Management

The Realities of Switching to a Passwordless Computing Future

Developers

Developers

AI Will Have a Transformative Impact on Software Development in 2024

Emerging Tech

Emerging Tech

Elegoo’s Vision Is Shaping the Future of 3D Printing

Exclusives

Exclusives

More Linux Malware Means More Linux Monitoring

Gaming

Gaming

Next-Generation Wi-Fi 7 Standard Expected To Be Finalized in Early 2024

Hacking

Hacking

Report Finds White Hats on Offensive Against Black Hat Hackers

Hardware

Hardware

Qualcomm Chip Closing Performance Gap With Apple M3 in Leaked Benchmarks

Health

Health

SevaCare Blood Pressure Monitor Offers Affordable Home Health Assurance

Home Tech

Home Tech

Temu and Homary: Online Retailers That Are Generally a Good Value

How To

How To

Lunar Lobster Is Dead: How To Upgrade to Ubuntu 23.10 Mantic Minotaur

Internet of Things

Internet of Things

Paranoia in the Home: 1 in 3 Americans Worried About Their Smart Gadgets Being Hacked

IT Leadership

IT Leadership

HP Amplify Event’s Second Act Was Worth the Wait

Malware

Malware

Mobile Security Firms Fortify Defenses as App Attacks Accelerate

Mobile Apps

Mobile Apps

The DOJ’s Flabby Antitrust Lawsuit Against Apple

Operating Systems

Operating Systems

LinDoz Returns With Advanced AI To Revamp the MakuluLinux Lineup

Privacy

Privacy

Are Deepfakes Overblown?

Reviews

Reviews

The Orbi RBE973 Wi-Fi Router Really Is That Good

Science

Science

AI-Powered Software Offers Breakthrough for Treating Dyslexia

Search Tech

Search Tech

Affiliate Marketing Contributing to Substandard Search Results: Study

Servers

Servers

Disorganization, Not Cost, Fuels the IT E-Waste Crisis

Smartphones

Smartphones

Apple, Google Talks Could Bring Gemini AI to iPhone

Social Networking

Social Networking

Tech Coalition Launches Initiative To Crackdown on Nomadic Child Predators

Space

Space

Amazon’s Competitor to Musk’s Starlink Takes Critical Step Toward Deployment

Spotlight Features

Spotlight Features

Standout Tech Products of 2023

Tablets

Tablets

10 Products From CES 2024 That Set the Innovation Bar

Tech Buzz

Tech Buzz

Might Nvidia Be the First Company With an AI CEO?

Tech Law

Tech Law

Electronic Frontier Foundation Calls for FTC Action on Poisoned Set-Top Boxes

Transportation

Transportation

How AI Could Have Prevented the Key Bridge Collapse

Virtual Reality

Virtual Reality

Vision Pro Revives One-and-Done App Purchases

Wearable Tech

Wearable Tech

Apple Vision Pro Impressions: One Week Later

Women In Tech

Women In Tech

‘Women Don’t Play’ Confronts Gender Disparity in the Tech Industry

More from ECT News Network

E-Commerce Times

B2B E-Commerce: Key Reports Indicate Many Web Stores Broken
B2B E-Commerce: Key Reports Indicate Many Web Stores Broken
April 10, 2024
Beyond the Cart: UX Hits and Misses Can Make or Break a Virtual Storefront
Beyond the Cart: UX Hits and Misses Can Make or Break a Virtual Storefront
April 2, 2024
Spectrio Digital Signage Gives AI Assist to In-Store Marketing
Spectrio Digital Signage Gives AI Assist to In-Store Marketing
March 27, 2024

LinuxInsider

Best Record Yet for Open Source Use in Business Worldwide
Best Record Yet for Open Source Use in Business Worldwide
April 12, 2024
What To Do if Your Linux Server Has Been Hacked
What To Do if Your Linux Server Has Been Hacked
March 22, 2024
Crafting Advanced DNS Configurations on Linux
Crafting Advanced DNS Configurations on Linux
March 19, 2024

CRM Buyer

Bigeye’s Dependency-Driven Monitoring Boosts Reliability of CRM Data
Bigeye’s Dependency-Driven Monitoring Boosts Reliability of CRM Data
April 15, 2024
AI-Human Collaboration and the Future of Customer Service
AI-Human Collaboration and the Future of Customer Service
April 4, 2024
Salesforce Enhances Field Service
Salesforce Enhances Field Service
March 21, 2024