Hi-tech thieves target Olympics
3 posters
Page 1 of 1
Hi-tech thieves target Olympics
The start of the Olympics has proved irresistible to cyber criminals, say security firms.
The volume of junk e-mail messages with an Olympic theme spiked prior to the opening ceremony, said Symantec.
The malicious messages try to trick people into visiting fake
sites or opening booby-trapped e-mail attachments, say other firms.
Some messages falsely claim users have won an Olympic lottery and encourage them to respond to claim their prize.
Hack attack
"The Beijing Olympics is gearing up to be one of the biggest
events of the year and hackers and spammers will see it as a massive
opportunity to compromise the unwary," said Con Mallom, a spokesman for
Symantec.
Symantec said the messages in the spam it had seen related to the games ran the gamut of modern security threats.
"Members of the public have to remember that they should not
open e-mails or click on links from unknown sources, no matter how many
gold medals they are offering," said Mr Mallom. Rik Ferguson of Trend Micro said the games could inspire
attacks on sites related to the games in a bid to compromise them. The
hijacked sites would then be used to attack visitors keen to catch up
with the sporting event.
"We are fully anticipating malicious social engineering techniques
to exploit people's interest in this event, luring unsuspecting users
into clicking on compromised websites and into handing over sensitive
personal information," he said.
Security firm Marshal said many of the malicious and junk messages emerging from the Rustock botnet were about the games.
A botnet is made up of a collection of home computers that have
been hijacked by a gang of hi-tech criminals who then put it to a
variety of ends. Some gangs simply vacuum up the personal data they
find on compromised machines, others use the botnets to pump out spam
or to attack other sites.
Phil Hay, lead threat analyst for Marshal, said e-mails sent
out via Rustock to catch people out were getting more sophisticated.
The latest batch appear to be about headline stories on CNN and many
concern the Olympics.
Those clicking on the headlines get taken to a fake CNN video
report and is asked to install a codec to watch the film. Those
installing the codec become part of the Rustock botnet.
"As time has gone on, the criminals behind Rustock have
adjusted the appearance and sophistication of their messages to become
more convincing at fooling recipients into infecting themselves," said
Mr Hay.
Security company MessageLabs said it was not just members of the
public that were at risk. The company said it had seen a campaign that
used e-mails crafted to look like they had been written by the
International Olympic Committee.
The messages have been sent to those who are part of national sporting organisations or help train athletes.
Travelling with the fake messages is a booby-trapped Adobe PDF that, if installed, steals data from a compromised PC.
The vast majority of the computer security threats taking advantage of the Olympics are aimed at users of Windows PCs.
Carole Thierault, senior security consultant at Sophos, said to
stay safe people should keep their anti-virus software up to date, use
a firewall and install updates to Windows as they become available.
Of course hackers will do their best to capitalise on this
event," said Ms Thierault. "The most effective way to avoid the
pitfalls is to make your device an unattractive target.
The volume of junk e-mail messages with an Olympic theme spiked prior to the opening ceremony, said Symantec.
The malicious messages try to trick people into visiting fake
sites or opening booby-trapped e-mail attachments, say other firms.
Some messages falsely claim users have won an Olympic lottery and encourage them to respond to claim their prize.
Hack attack
"The Beijing Olympics is gearing up to be one of the biggest
events of the year and hackers and spammers will see it as a massive
opportunity to compromise the unwary," said Con Mallom, a spokesman for
Symantec.
Symantec said the messages in the spam it had seen related to the games ran the gamut of modern security threats.
"Members of the public have to remember that they should not
open e-mails or click on links from unknown sources, no matter how many
gold medals they are offering," said Mr Mallom. Rik Ferguson of Trend Micro said the games could inspire
attacks on sites related to the games in a bid to compromise them. The
hijacked sites would then be used to attack visitors keen to catch up
with the sporting event.
The most effective way to avoid the pitfalls is to make your device an unattractive target Carole Thierault, Sophos |
"We are fully anticipating malicious social engineering techniques
to exploit people's interest in this event, luring unsuspecting users
into clicking on compromised websites and into handing over sensitive
personal information," he said.
Security firm Marshal said many of the malicious and junk messages emerging from the Rustock botnet were about the games.
A botnet is made up of a collection of home computers that have
been hijacked by a gang of hi-tech criminals who then put it to a
variety of ends. Some gangs simply vacuum up the personal data they
find on compromised machines, others use the botnets to pump out spam
or to attack other sites.
Phil Hay, lead threat analyst for Marshal, said e-mails sent
out via Rustock to catch people out were getting more sophisticated.
The latest batch appear to be about headline stories on CNN and many
concern the Olympics.
Those clicking on the headlines get taken to a fake CNN video
report and is asked to install a codec to watch the film. Those
installing the codec become part of the Rustock botnet.
"As time has gone on, the criminals behind Rustock have
adjusted the appearance and sophistication of their messages to become
more convincing at fooling recipients into infecting themselves," said
Mr Hay.
Most attacks are aimed at PCs running Windows |
Security company MessageLabs said it was not just members of the
public that were at risk. The company said it had seen a campaign that
used e-mails crafted to look like they had been written by the
International Olympic Committee.
The messages have been sent to those who are part of national sporting organisations or help train athletes.
Travelling with the fake messages is a booby-trapped Adobe PDF that, if installed, steals data from a compromised PC.
The vast majority of the computer security threats taking advantage of the Olympics are aimed at users of Windows PCs.
Carole Thierault, senior security consultant at Sophos, said to
stay safe people should keep their anti-virus software up to date, use
a firewall and install updates to Windows as they become available.
Of course hackers will do their best to capitalise on this
event," said Ms Thierault. "The most effective way to avoid the
pitfalls is to make your device an unattractive target.
enigma_1- super moderator
-
Number of posts : 1240
Age : 114
Location : India
mig33 username : enigma_1
Registration date : 2007-09-22
Re: Hi-tech thieves target Olympics
Really?
Wow!
Nice!
Wow!
Nice!
Giga- VIP member
-
Number of posts : 1140
Age : 35
Location : -
mig33 username : nigahiga-dwls-fm
I\'m from :
Registration date : 2008-06-12
Re: Hi-tech thieves target Olympics
oh....thats realy interesting
r0mz- Senior member
-
Number of posts : 935
Age : 39
Location : Tanzania
mig33 username : r0mz---relo4d3d
Registration date : 2008-06-10
Re: Hi-tech thieves target Olympics
r0mz wrote:oh....thats realy interesting
yeah r0mz lets see what happens
Guest- Guest
Similar topics
» Mig33 olympics winners
» 2008 Olympics open in Beijing
» Tech recruitment
» New mods and tech
» mixit near to bankrupts says the tech news
» 2008 Olympics open in Beijing
» Tech recruitment
» New mods and tech
» mixit near to bankrupts says the tech news
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|