Pureoverclock: PC Hardware reviews and news for overclockers!


CNN.com subject to malware email outbreak

Posted August 6, 2008 by admin in Internet

According to MX Lab, messages are being sent from a randomly generated user email address that is not on the cnn.com domain. The links behind the top 10 direct you to a web site that pretends it can't show you a video because you are running an incorrect Flash player.

A pop-up window will ask you to download the correct video codec, an executable called get_flash_update.exe, but this is in fact the Trojan-Downloader.Agent.EL. This trojan can download and install other malware onto an infected machine.

The trojan creates a new process on an infected machine, %System%\cbevtsvc.exe, and registers a new service named CbEvtSvc. It also makes a number of registry modifications and opens a direct IP address connection to a remote host on TCP/IP port 443.
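
A host triage check built from the indicators named above, added here as an example and not taken from MX Lab or the original post. It assumes %System% means the Windows system directory (System32, plus SysWOW64 on 64-bit systems) and a PowerShell version that provides Get-CimInstance and Get-NetTCPConnection; the function name Test-CbEvtSvcIndicators is hypothetical.

```powershell
# Added example: look for the file, service, process and TCP 443 connection
# described in the article. Indicator values come from the article.
$ServiceName = 'CbEvtSvc'
$ImageName   = 'cbevtsvc.exe'
# Assumption: %System% is the Windows system directory.
$SystemDirs  = @("$env:SystemRoot\System32", "$env:SystemRoot\SysWOW64")

function Test-CbEvtSvcIndicators {   # hypothetical name
    $findings = New-Object System.Collections.Generic.List[object]

    # 1. Dropped executable in the system directory
    foreach ($dir in $SystemDirs) {
        $path = Join-Path $dir $ImageName
        if (Test-Path -LiteralPath $path) {
            $f = Get-Item -LiteralPath $path -Force
            $findings.Add([pscustomobject]@{
                Indicator = 'File'
                Detail    = "$($f.FullName) created $($f.CreationTimeUtc.ToString('u'))" })
        }
    }

    # 2. Service registered under the name given in the article
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$ServiceName'" -ErrorAction SilentlyContinue
    if ($svc) {
        $findings.Add([pscustomobject]@{
            Indicator = 'Service'
            Detail    = "$($svc.Name) state=$($svc.State) start=$($svc.StartMode) path=$($svc.PathName)" })
    }

    # 3. Running process with that image name, and its connections to remote port 443
    $procName = [System.IO.Path]::GetFileNameWithoutExtension($ImageName)
    foreach ($p in @(Get-Process -Name $procName -ErrorAction SilentlyContinue)) {
        $findings.Add([pscustomobject]@{ Indicator = 'Process'; Detail = "PID $($p.Id)" })
        foreach ($c in @(Get-NetTCPConnection -OwningProcess $p.Id -RemotePort 443 -ErrorAction SilentlyContinue)) {
            $findings.Add([pscustomobject]@{
                Indicator = 'Connection'
                Detail    = "PID $($p.Id) -> $($c.RemoteAddress):$($c.RemotePort) ($($c.State))" })
        }
    }
    $findings
}

$result = @(Test-CbEvtSvcIndicators)
if ($result.Count -eq 0) { 'No indicators from the article found on this host.' }
else { $result | Format-Table -AutoSize -Wrap }
```

The check matches on names only, so an empty result does not rule out a renamed variant; any hit should be followed by isolating the host and collecting the file for analysis.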

