Malware purveyors know people love to click on links about celebrities with reckless abandon, particularly if the pop-culture icon has run afoul of the law, cheated on his wife or endured some other sordid sort of misfortune.
All things considered, it might be a bit surprising that it took scamsters so long to come up with the latest malware scheme making its way across the Web and into millions of users’ inboxes.
Why wait for legitimate celebrity-related news before launching a malware assault when you can make it up on your own?
According to security-software vendor AppRiver, a new wave of crooks have begun using subjects, such as “Gwen Stefani Fatal Car Crash” to get people to open up their unsolicited emails. Then, they include a malicious attachment that says something like “CNN Hot News.zip (106KB)” to further entice people to make one little click.
Of course the bogus CNN zip file is actually an .exe file, specifically a “downloader” that AppRiver and other security-software firms have seen proliferate in recent months. The downloader opens a backdoor on the targeted PC or mobile device that can be used later to install multiple types of malware on the affected computer.
“Since we know that cybercriminals are always eager to take advantage of big news stories by sending out fake news alerts that often contain malware, it is not surprising to see them creating their own headlines,” Troy Gill, a security analyst at AppRiver, wrote in a blog post.
The clever malware campaign kicked off in the early morning hours Wednesday, according to AppRiver, and within the first few hours the messages were hitting email accounts at a rate of about 100,000 per hour. AppRiver claims its software helped block more than 650,000 of the offending emails so far.
This latest malware campaign demonstrates just how creative malware syndicates have become at using pop culture lures, seemingly benign attachment titles and readily available search query data to capitalize on Internet users’ zeal for celebrity gossip and news.
Last year, similar malware campaigns used Michael Jackson, the most-searched term of 2009, and Brittany Murphy to trick people into installing malicious code on their PCs and smartphones.
Earlier this month, security-software vendor McAfee released its Q2 2010 Threats Report, finding 10 million new pieces of malware in the first six months of the year, an all-time record.
Follow eSecurityPlanet on Twitter @eSecurityP.