CNN Alerts: still going strong with new malware and new URLs

The CNN Alerts spam campaign continues this morning with new email messages and new malware hidden behind the links. The latest change to the URL scheme they are using behind the “Full Story” link is cnnvid.html, cnnhottopics.html, cnnheadlines.html, cnncurrent.html, cnnplus.html, etc which directs the user to a fake video site. The codec name continues to be adobe_flash.exe, however malware authors behind this attack ever so slightly change the binary with each new spam message, thus, rendering the .exe undetectable for that period in time.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: