• On MovieTome: See the villain of IRON MAN 2!
August 13, 2008 11:12 AM PDT

Don't click that headline, security researchers warn

by Robert Vamosi
  • Font size
  • Print
  • 5 comments
Share

A flood of e-mails pretending to be from MSNBC contain links to malicious software, security companies warned Wednesday.

According to an MX Lab blog post, subject lines always start with "msnbc.com - BREAKING NEWS" then are followed with a variety of possible headlines, including: "Google launches free music downloads in China"; "Plane crashes into prep school, hundreds of kids killed"; "Please give your opinions for change"; and "US Dollar hits 6-year high, further gains expected."

The Web address http://breakingnews.msnbc.com is valid if you type it into your browser; however, clicking the link within the body of the e-mail will take you to another site entirely. The bogus site will then ask you to download a Flash video file. It is the file adobe_flash.exe that contains a malicious Trojan horse.

Sophos and Websense also issued warnings about the e-mails. Earlier this month, Sophos warned that fake CNN Top Ten e-mails contained a similar Trojan horse. In 2006, the BBC was used in a similar attack.

Disclosure: CNET News is published by CBS Interactive, a unit of CBS.

As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.
Topics:

News,

Vulnerabilities & attacks

Tags:

security,

MSNBC,

CNN,

BBC,

Adobe,

Flash,

Sophos,

MXLab

Share:
Digg
Del.icio.us
Reddit
advertisement
Click Here
Recent posts from Security
PC Tools Internet Security 2010 reviewed
Google Chrome now bundled with Avast
Some Avast users must reinstall flagged files
Defense Dept. pulls software over privacy issues
Microsoft to plug critical IE hole targeted by exploit code
Google wants to unclog Net's DNS plumbing
Avast update falsely flags good apps as malware
Character limitations in passwords considered harmful
Related
FAQ: Recognizing phishing e-mails
Week in review: Old faces in new places
Fake CDC vaccine e-mail leads to malware
In animated videos, news and guesswork mix
Jailbroken iPhone? SSH installed? Beware of worms!
Apple updates Safari for security
Expert says Adobe Flash policy is risky
Rickrolling iPhone worm is never gonna give you up
Add a Comment (Log in or register) (5 Comments)
  • prev
  • 1
  • next
by professionaladventurer August 13, 2008 12:21 PM PDT
A look in my spam folder shows hundreds of emails with the subject of CNN - top 10 all fake, but if it's MSNBC it news?
Reply to this comment
by `WarpKat August 13, 2008 3:27 PM PDT
Uh...sorry, C-Net - this has been going on for a few months already. When you have news about tomorrow, THEN I'll be impressed.
Reply to this comment
by noitis August 14, 2008 11:20 AM PDT
You missed the biggest rip. I got the MSNBC news alert as soon as I clicked on it--AntiVirus XP2008 a rogue anti virus monster took over my laptop. None of my security/virus software caught the 2-trojans and a slew of parasites and a worm/nuvan. AVG after 4-6-hours got the Trojans and some back-door Trojans. The problem is AntiVirus XP2008 took my screen saver/slowed the laptop to a crawl and all of the malware/spyware can't get rid of it--entirely. Why hasn't anyone stopped this rogue antivirus xp2008 from its nefarious activities. They lay their eggs and want you to pay $59 to get rid of them. Any suggestions.
Reply to this comment
by indnajns August 18, 2008 5:12 AM PDT
Re: noitis
If that's the one that sticks the blue/yellow warning on your desktop, try Super Anti-Spyware (www.superantispyware.com). It seemed to be the only thing that would get that off my machine, and that was after three days of trying all the "known fixes" I could find. Free removal, they do take donations and have a pro version. Definately worth it.
by Vurk August 14, 2008 1:54 PM PDT
Use a different AV program in safe mode. Anti-vir (www.free-av.com) is good with detection and will install in safe mode, where others (who use the Microsoft installer .msi) wont.
Reply to this comment
(5 Comments)
  • prev
  • 1
  • next
advertisement

The yogurt makers of tech: Gadgets to avoid

Don't buy these one-trick ponies--unless you like gizmos that gather dust.

Google wants to unclog Net's DNS plumbing

The Net giant, ever eager for a faster Internet, debuts its Google Public DNS service. With it, Google could become even more central to the Net.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET