A Dispatch


July 28, 2008

Supermarket Tabloid Spam

Although "tabloid" generally refers to the physical size of a newspaper page—smaller than the traditional newspaper page—here in the States the term more commonly connotes newsprint publications that have glaring and sensational headlines. Visit nearly any grocery store checkout line, and you'll see copies of The National Enquirer, The Globe, Star, and others shouting headlines about celebrities (dead, alive, or otherwise) in dire situations, UFOs, freaks of nature, bogus medical breakthroughs, and so on. The veracity of the stories and photos...well, I find it hard to believe that JFK had a love child with an alien from another galaxy.

Now, look at some of these sensationalist headlines:

  • F.B.I. Looks Into Facebook
  • US athletes banned from Beijing Olympics
  • Research show that London is the second capital of India
  • Air pollution forces Beijing closure
  • Steve Jobs diagnosed with pancreatic cancer and has about a week to live
  • A-rod dropped from team
  • MRI show promise for detection of early Alzheimer's
  • Dark Knight disapproved by Vaticans due to satanic links
  • Cars that really transform
  • British PM to quit
  • China denies visa to German athletes, angering world community
  • Huge oil spill off California coastline
  • Bomb scare in UK stops traffic
  • Army Of Two, Dick Cheney And John Mccain Invade Iran
  • Cannibalism!........In The Usa
  • [audio] Hillary Receives 3 A.M. Phone Call From Drunken Bill Clinton
  • Miss USA falls in Miss Universe
  • Trump tower collapses following fire
  • Al Pacino investigated by police for mob funding
  • Savage dog attack leaves students in critical condition
  • New York Knicks team killed in bus accident

These are just some samples of the subjects and bodies of malware-luring spam that arrived here over the past few days. And these aren't the really sick ones.

The destination pages of the URLs supplied in the messages typically include a link that supposedly shows a video, but in truth downloads an executable malware loader. At the same time, those pages silently try to load malware through an invisible iframe element—particularly targeting unpatched Windows machines visiting with Internet Explorer web browsers. From my peeks into the iframe script attacks, it seems to me that more than one gang is at work here. Thus, the gangs appear to be competing for victims' attention through increasingly outlandish email lures.
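A defender's check for the two page behaviors described above (a "video" link that really points at an executable, and an invisible iframe), as an added example that is not part of the original post. The extension list, the hiding heuristics, and the sample page are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

EXEC_EXT = (".exe", ".scr", ".pif")  # assumed list of executable extensions
# Assumed heuristics for "invisible": hidden via CSS or collapsed to 0/1 px.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden"
    r"|(?<![-\w])(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)", re.I)

def _tiny(value):
    """True when a width/height attribute is 0 or 1 (pixels)."""
    m = re.match(r"\s*(\d+)", value or "")
    return bool(m) and int(m.group(1)) <= 1

class LurePageScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (kind, url, reasons)

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "iframe":
            reasons = []
            if _tiny(a.get("width")) or _tiny(a.get("height")):
                reasons.append("zero-size")
            if HIDDEN_STYLE.search(a.get("style", "")):
                reasons.append("css-hidden")
            if reasons:
                self.findings.append(("hidden-iframe", a.get("src", ""), reasons))
        elif tag == "a":
            # Compare only the URL path so query strings do not hide the extension.
            if urlparse(a.get("href", "")).path.lower().endswith(EXEC_EXT):
                self.findings.append(("executable-link", a["href"], []))

def scan(html):
    scanner = LurePageScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample page (reserved .example hosts), not captured from a real lure.
SAMPLE = """<html><body>
<a href="http://video.example/watch/video.exe">Click to watch the video</a>
<iframe src="http://ads.example/banner.html" width="300" height="250"></iframe>
<iframe src="http://cdn.example/in.php" width="0" height="0"></iframe>
<iframe src="http://cdn2.example/x.html" style="visibility: hidden"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

The scanner reads static markup only, so iframes written into the page by script at load time will not appear in its findings.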

It's like being in the supermarket checkout line while sitting in front of your computer. But when you're checking your iPhone email while actually standing in the checkout line, you are sucked into a vortex that makes you believe that Angelina Jolie's twins were delivered looking exactly like Sonny and Cher.

Posted on July 28, 2008 at 09:32 AM