Pureoverclock: PC Hardware reviews and news for overclockers!

 
 
 
 
 

CNN.com subject to malware email outbreak

Posted August 6, 2008 by admin in Internet

According to MX Lab, the messages are being sent from a randomly generated user email address that is not on the cnn.com domain. The links behind the top 10 direct you to a web site that pretends it can't show you a video because you are running an incorrect Flash player.

A pop-up window will ask you to download the correct video codec, an executable called get_flash_update.exe, but this is in fact Trojan-Downloader.Agent.EL. This trojan can download and install other malware onto the infected machine.

The trojan creates a new process on the infected machine, %System%\cbevtsvc.exe, and registers a new service named CbEvtSvc. It also makes quite a few registry modifications and opens a connection directly to the IP address of a remote host on TCP/IP port 443.
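
As an added example (not from MX Lab or the original post), the indicators above can be turned into a small matcher over endpoint telemetry. The event schema, host names and sample records are constructed for illustration; only the file names, the service name and the port come from the post.

```python
import ipaddress
import ntpath

# Indicators taken from the post (compared case-insensitively).
DROPPER = "get_flash_update.exe"
PAYLOAD = "cbevtsvc.exe"
SERVICE = "cbevtsvc"

def _is_ip_literal(host):
    """True when the destination is a bare IP address rather than a hostname."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def match_event(ev):
    """Return the reasons a single event matches the post's indicators."""
    hits = []
    kind = ev.get("type")
    image = ntpath.basename(ev.get("image", "")).lower()
    if kind == "process_create" and image == DROPPER:
        hits.append("dropper executed")
    if kind == "process_create" and image == PAYLOAD:
        hits.append("payload process started")
    if kind == "service_install" and ev.get("service", "").lower() == SERVICE:
        hits.append("CbEvtSvc service installed")
    if (kind == "net_connect" and image == PAYLOAD
            and ev.get("dest_port") == 443 and _is_ip_literal(ev.get("dest_host", ""))):
        hits.append("payload connected to bare IP on 443")
    return hits

def triage(events):
    """Group matches by host so each machine's full picture is visible."""
    report = {}
    for ev in events:
        for hit in match_event(ev):
            report.setdefault(ev["host"], []).append(hit)
    return report

# Constructed sample events (hypothetical schema; 192.0.2.0/24 is a documentation range).
SAMPLE = [
    {"host": "ws-01", "type": "process_create", "image": r"C:\Users\a\Downloads\get_flash_update.exe"},
    {"host": "ws-01", "type": "service_install", "service": "CbEvtSvc", "image": r"C:\Windows\System32\cbevtsvc.exe"},
    {"host": "ws-01", "type": "process_create", "image": r"C:\Windows\System32\cbevtsvc.exe"},
    {"host": "ws-01", "type": "net_connect", "image": r"C:\WINDOWS\system32\CBEVTSVC.EXE", "dest_host": "192.0.2.10", "dest_port": 443},
    {"host": "ws-02", "type": "net_connect", "image": r"C:\Program Files\Browser\browser.exe", "dest_host": "www.example.com", "dest_port": 443},
]

if __name__ == "__main__":
    for host, hits in triage(SAMPLE).items():
        print(host, hits)
```

The bare-IP condition keeps ordinary HTTPS traffic to named hosts, such as the ws-02 browser record, out of the results.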


