Dirty bomb news report leads to PC infection

IT security and control firm Sophos is warning computer users around the world to be on their guard against a widespread, malicious spam campaign that poses as breaking news stories about a bomb blast in your city.

Samples intercepted by SophosLabs claim that 18 people have been killed in an explosion and link to a video news story on a supposedly Reuters-related website. In fact, computer users that click on the link will not find more information on this breaking news story, but will actually be taken to a website that is designed to infect their Windows PC with malicious code. However, Sophos warns that many computer users may not immediately notice the danger as the website attempts to identify users' whereabouts and customises the story to appear as though it relates to their location.

"This is a clever piece of social engineering and shows the lengths that cybercriminals will go to in order to trick more potential victims," said Graham Cluley, senior technology consultant at Sophos. "If you visit the webpage from Southampton, Bristol or London it is likely to claim that the bomb blast has occurred there. There are the usual clues that the observant computer user will recognise as spam - poor spelling and grammar being the key one - but the danger is that other less wary users won't notice this and will become engrossed in the story without realising that their PC is being infected as they read."

The emails have subject lines including "Why did it happen in your city?", "Take Care!" and "Are you and your friends in good health?", and part of the website text reads as follows:

'At least 12 people have been killed and more than 40 wounded in a bomb blast near market in Amsterdam. Authorities suggested that the explosion was caused by a "dirty" bomb. Police said the bomb was detonated from close by using electic cables. "It was awful" said the eyewitness about blast that he heard from his shop. "It made the floor shake. So many people were running'

ends

About Sophos

Sophos enables enterprises worldwide to secure and control their IT infrastructure. Our network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift.

With over 20 years of experience, we protect over 100 million users in nearly 150 countries with our reliably engineered security solutions and services. Recognized for our high level of customer satisfaction, we have an enviable history of industry awards, reviews and certifications. Sophos is headquartered in Boston, MA and Oxford, UK.

Sophos's head office for the Asia Pacific region is located in Sydney and features research and development, threat analysis and technical support facilities.