CNN Spam Reloaded

Yesterday we detected several CNN spam messages that pointed to get_flash_update.exe with a different hash then the current one we have detected in past spam runs. We are seeing a whole new run of CNN spam messages hosted on several different domains using very authenticate looking emails with hidden links behind the news stories. It appears that this particular codec attack is evolving and changing dynamically in terms of sophistication, whereas before they had used very primitive methods to distribute this codec.

Most of these sites are legitimate sites that appear to have become compromised, some theories include vulnerabilities in .ASP code making them susceptible to SQL Injection attacks. More information can be found in the article “SQL Injections: The Future of Mass Hacking Campaigns

One Response to CNN Spam Reloaded

  1. Mme Siby says:

    how do I block or get rid of this cnn alert spam?
    sincerley siby

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: