Pure Overclock – Computer Hardware News, Reviews and More

 
 
 
 
 

CNN.com subject to malware email outbreak

Posted August 6, 2008 by admin in Internet

According to MX Lab, messages are being sent from a randomly generated user email address not on the cnn.com domain. The links behind the top 10 direct you to a web site that pretends it can’t show you a video because you are running an incorrect Flash player.

A pop-up window will ask you to download the correct video codec, an executable called get_flash_update.exe, but this is in fact Trojan-Downloader.Agent.EL. This trojan can download and install other malware onto an infected machine.

The trojan creates a new process on an infected machine, %System%\cbevtsvc.exe, and registers a new service, CbEvtSvc, in the system. It also makes a number of registry modifications and opens a connection directly to a remote host's IP address on TCP/IP port 443.
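The three behaviours described above (the get_flash_update.exe download, the CbEvtSvc service backed by cbevtsvc.exe, and the direct-to-IP connection on port 443) can be correlated per host during triage. The following is an added example, not code from MX Lab or the original post; the JSON-lines event schema, host names, URLs and addresses are constructed for illustration.

```python
import ipaddress
import json
from collections import defaultdict

# Indicators named in the article.
DROPPER, IMAGE, SERVICE = "get_flash_update.exe", "cbevtsvc.exe", "cbevtsvc"

# Constructed events in a hypothetical JSON-lines schema (not a real product's log format).
SAMPLE = r"""
{"host":"ws-01","type":"download","url":"http://video.example/Get_Flash_Update.exe?id=1"}
{"host":"ws-01","type":"service_install","name":"CbEvtSvc","image":"C:\\WINDOWS\\system32\\cbevtsvc.exe"}
{"host":"ws-01","type":"net_conn","image":"C:\\WINDOWS\\system32\\cbevtsvc.exe","dest":"203.0.113.7","port":443}
{"host":"ws-02","type":"download","url":"http://vendor.example/install_flash_player.exe"}
{"host":"ws-02","type":"net_conn","image":"C:\\Program Files\\browser.exe","dest":"www.example.com","port":443}
{"host":"ws-03","type":"download","url":"http://clips.example/get_flash_update.exe"}
"""

def basename(path):
    # Handle both Windows and URL separators; Windows names are case-insensitive.
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def is_ip_literal(dest):
    # True when the destination is a raw IP address rather than a hostname.
    try:
        ipaddress.ip_address(dest)
        return True
    except ValueError:
        return False

def triage(text):
    """Return {host: sorted indicator names matched in that host's events}."""
    hits = defaultdict(set)
    for line in filter(None, map(str.strip, text.splitlines())):
        ev = json.loads(line)
        host, kind = ev["host"], ev["type"]
        if kind == "download":
            if basename(ev["url"].split("?", 1)[0]) == DROPPER:
                hits[host].add("dropper_download")
        elif kind == "service_install":
            if ev["name"].lower() == SERVICE or basename(ev["image"]) == IMAGE:
                hits[host].add("service_install")
        elif kind == "net_conn":
            if (ev["port"] == 443 and is_ip_literal(ev["dest"])
                    and basename(ev["image"]) == IMAGE):
                hits[host].add("direct_ip_443")
    return {host: sorted(names) for host, names in hits.items()}

if __name__ == "__main__":
    for host, names in sorted(triage(SAMPLE).items()):
        print(host, ", ".join(names))
```

A host matching all three indicators (ws-01 in the sample) shows the full chain the article describes, while a download-only match (ws-03) indicates the file was fetched but gives no evidence that the service was installed.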


