Emails apparently pointing to CNN's website, featuring a story about how Mitt Romney will surely win this year’s election, are making the rounds, attempting to dupe recipients into visiting a malware-laden website.
When cybercriminals drink their morning coffee, they’re probably leafing a newspaper thinking “let’s see what hot topics we can leverage for today’s malicious campaign,” followed most likely by an evil laughter.
It seems that these days they’re inspired by the ongoing United States presidential campaign.
Experts from security firm Sophos have spotted
a large number of emails entitled “CNN Breaking News - Mitt Romney Almost President.”
When opened, the messages display what appear to be the day’s top stories on CNN, with headlines such as “More than 60 percent of votes will be in favor of Mitt Romney” or “Revolution, which was anticipated so long ago, seems to have started.”
If the “Full Story” links are clicked, victims are taken to a malicious website that hosts the infamous BlackHole exploit kit.
It’s uncertain at this point if the exploit kit is BlackHole 2.0 or an older variant, but its functionality is certainly curious, to say the least.
In case the system is not vulnerable to any of the exploits integrated into BlackHole, the victim is presented with a page that almost perfectly replicates the Adobe Flash Player download page.
Here, users are urged to download the latest version of the media player. However, as expected, the update - update_flash_player.exe
– is not legitimate, but a piece of malware which attempts to connect to remote locations in order to download other malicious elements.
Finally, here’s some advice for our readers. It’s clear that cybercrooks are doing everything in their power to spread their malicious creations. That’s why we advise internauts to act with maximum caution when presented with stories that are likely false.