TELECOM Digest OnLine - Sorted: Text Messaging Used as a Malware/Virus Lure

Text Messaging Used as a Malware/Virus Lure

Ryan Naraine (eweek@telecom-digest.org)
Mon, 26 Jun 2006 13:15:44 -0500

Review Index Sorted By: [ date ][ thread ][ subject ][ author ]
Next message: Claudia Parsons: "Slate.com is Ten Years Old"
Previous message: Reuters News Wire: "Cell Phone Signals Excite Brain According to Study"
TELECOM Digest: Home Page

Ryan Naraine - eWEEK

Botnet herders have found a crafty new way to lure computer users to
maliciously rigged Web sites-via text messaging on cell phones.

The latest social engineering trick is to send SMS (short messaging
service) alerts to mobile phones with a warning that the target has
subscribed to an online dating service that racked up expensive
charges on cell phone bills.

The message includes a URL for the user to unsubscribe to avoid the $2
per day charges.

According to a warning from anti-virus vendor CA, the URL points to a
Web site rigged with Win32/Bambo.CF, a Trojan horse program used by
identity thieves to hijack sensitive user information.

The fake dating Web site associated with the scam has been set to
entice targets into entering the phone number. At this point, it
attempts to load an executable file called "unregister.exe."

Interestingly, the Web page does not attempt to exploit any software
flaws. Instead, the attacker provides step-by-step instructions to
click the "Run" button on each warning page, providing an easy way
around the Internet Explorer security warning prompt.

For advice on how to secure your network and applications, as well as
the latest security news, visit Ziff Davis Internet's Security IT Hub.

If the program is run, it installs the Trojan, CA said in its
advisory.

At press time June 23, the malicious Web site was still active.

Websense Security Labs, a San Diego, Calif., malware research company,
said the bot is a variant of Dumador, a back door that opens two ports
and allows the computer to be remotely controlled by malicious
hackers.

Dumador is controlled by a Web-based HTTP controller that is used to
send commands to botnets.

A botnet is a collection of hijacked computers used to send spam or
launch distributed denial-of-service attacks.

While bots are mostly controlled by IRC (Internet Relay Chat)
channels, researchers at Websense say Web-based controllers have
become popular with bots that are used to capture and transmit
keylogger information and to store user data.

Check out eWEEK.com's Security Center for the latest security news,
reviews and analysis. And for insights on security coverage around the
Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's
Weblog.

Copyright 2006 Ziff Davis Inc.

NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. And, discuss this and other topics in our forum at
http://telecom-digest.org/forum (or)
http://telecom-digest.org/chat/index.html

For more tech and computer news of interest, please go to:
http://telecom-digest.org/td-extra/technews.html

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Claudia Parsons: "Slate.com is Ten Years Old"
Go to Previous message: Reuters News Wire: "Cell Phone Signals Excite Brain According to Study"

TELECOM Digest: Home Page

Post Followup Article	Use your browser's quoting feature to quote article into reply
Go to Next message: Claudia Parsons: "Slate.com is Ten Years Old"
Go to Previous message: Reuters News Wire: "Cell Phone Signals Excite Brain According to Study"
TELECOM Digest: Home Page