Thursday, August 30, 2007

IMPORTANT!!!! Blogger Worm Alert. Via BBC News.

I copied this from my BBC news feed. Be careful out there in blog world.


Bloggers battered by viral storm

Some blogs have been found hosting booby-trapped linksGoogle's Blogger site is being used by malicious hackers who are posting fake entries to some blogs.

The fake entries contain weblinks that lead to booby-trapped downloads that could infect a Windows PC.

Infected computers are being hijacked by the gang behind the attacks and either mined for saleable data or used for other attacks.

The Blogger attack is the latest in a series by a gang that has managed to hijack hundreds of thousands of PCs.

Attack pattern
Security researcher Alex Eckelberry from Sunbelt Software first noticed the booby-trapped links turning up on Blogger on 27 August.

Now many hundreds of blogs on the site have been updated with a short entry containing the link.
Mr Eckelberry said it was not yet clear how the links were posted to blogs. The bogus entries could have exploited a Blogger feature that lets users e-mail entries to their journal.
The blogs themselves could also be fake and set up solely to act as hosts for spam.

STORM WORM SUBJECT LINES
are you kidding me? lol

Dude dont send that stuff to my home email...
Dude your gonna get caught, lol
HAHAHAHAHAHA, man your insane!
I cant belive you did this
LMAO, your crazy man
LOL, dude what are you doing
man, who filmed this thing?
oh man your nutz
OMG, what are you thinking


Google has yet to comment on the attack and how it might have been carried out.

The entries on the blogs have the same text as some of the spam distributed by the group behind the attacks. These attempt to trick people into clicking on links and downloading booby-trapped files using cleverly crafted messages.

Some pose as YouTube links others claim to be looking for testers of software packages or digital greetings cards.

The group behind the attack on Blogger is thought to have mounted a huge series of attacks since January.

The first attack used a spam that purported to give recipients more information about the severe storms seen in Europe in January.

This led to the virus used by the gang being dubbed the "Storm Trojan".
Since January the group has been sending out huge numbers of different spam messages in a bid to trick people.

"The criminals responsible for this spam campaign are experts at exploiting social engineering to propagate their botnets," said Bradley Anstis from security firm Marshal.

The spam messages have been changed to capitalise on news events and the viral payload has been updated many times to fool anti-virus programs.

Mr Anstis said the sheer number of messages being sent by the group was staggering. On some days, he said, 4-6% of all the junk messages seen by Marshal were sent by the group.

Security experts estimate that the group can send out so much junk mail because they have hijacked so many Windows PCs via successive campaigns.

Some suspect that the group has infected more than one million PCs over the last eight months.

1 comment:

bubandpie said...

This is why I'm glad I use a Mac! (Not that that helped me when my hard drive malfunctioned, argh.)