    The upcoming London Olympics is undoubtedly one of the most highly anticipated sporting events of the year. It is also a favorite social engineering ploy among cybercriminals. Just recently, we found an Olympics scam in the form of a lottery that promises a free travel package to the event. Some online crooks, however, played it differently this time. Instead of the typical Olympic-related scam in which users have supposedly won tickets to the event, this scam arrives as spam disguised as an email advisory.

    As mentioned, this scam comes in the form of email messages that warn recipients of fake websites and organizations selling tickets to the London Olympics 2012. These emails carry the official logo of the event, likely to convince users that they are legitimate. Included in the message is an attached .DOC file that lists these bogus ticket sellers. The attachment, however, is actually a malicious file detected by Trend Micro as TROJ_ARTIEF.ZIGS. The malware takes advantage of the RTF Stack Buffer Overflow Vulnerability (CVE-2010-3333) to drop the backdoor BKDR_CYSXL.A. This backdoor may perform several malicious routines, including deleting and creating files and shutting down the infected system.

    Readers who frequently visit this site surely know that this is just one of the many Olympic-related scams that we have seen in the past. As early as October 2008, spam messages were found masquerading as Olympic 2012 lottery notifications. Other sports events like the Beijing Olympics in 2008 and the FIFA World Cup were also no strangers to this type of ruse.

    As the London Olympics 2012 draws near, we expect this type of threat to proliferate. Users should therefore make it a habit to check the legitimacy of any message before downloading its attachment or clicking the links included in it.

    Trend Micro users are protected from this threat via Trend Micro™ Smart Protection Network™, which detects and deletes all the related malware. Trend Micro Deep Security also shields systems from being exploited via Rule 1004498 – Word RTF File Parsing Stack Buffer Overflow Vulnerability.
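
For mail-gateway or inbox triage of the kind of attachment described above, here is an added example (not from the original post and not Trend Micro's detection logic). It assumes the attachment is RTF content carried under a .DOC name, and that the RTF `pFragments` shape property, the element associated with CVE-2010-3333, is worth flagging; the function names and sample bytes are constructed for illustration.

```python
import re

# Magic bytes: OLE2 compound file (legacy binary .doc) and RTF.
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")
RTF_MAGIC = b"{\\rt"  # Word accepts "{\rt", not only the full "{\rtf1"

# Shape property associated with CVE-2010-3333: {\sp{\sn pFragments}{\sv ...}}
# Heavily obfuscated RTF can split control words and evade this simple match.
PFRAGMENTS = re.compile(rb"\\sn[\s{}]*pfragments", re.IGNORECASE)


def sniff_format(data: bytes) -> str:
    """Classify an attachment by its content, ignoring the file name."""
    head = data.lstrip()[:8]
    if head.startswith(OLE2_MAGIC):
        return "ole2"
    if head.lower().startswith(RTF_MAGIC):
        return "rtf"
    return "unknown"


def triage_attachment(filename: str, data: bytes) -> dict:
    """Return triage findings for one e-mail attachment."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    fmt = sniff_format(data)
    findings = []
    if ext == "doc" and fmt == "rtf":
        findings.append("rtf-content-in-doc-extension")
    if fmt == "rtf" and PFRAGMENTS.search(data):
        findings.append("pfragments-shape-property")
    if ext == "doc" and fmt == "unknown":
        findings.append("doc-extension-unrecognised-content")
    return {"file": filename, "format": fmt, "findings": findings}


# Constructed samples (not taken from the campaign described above).
SAMPLE_RTF = b"{\\rtf1\\ansi{\\shp{\\*\\shpinst{\\sp{\\sn pFragments}{\\sv 1;1;00}}}}}"
SAMPLE_PLAIN_RTF = b"{\\rtf1\\ansi Hello}"
SAMPLE_OLE2 = OLE2_MAGIC + b"\x00" * 504

if __name__ == "__main__":
    for name, blob in [("tickets.doc", SAMPLE_RTF), ("note.doc", SAMPLE_PLAIN_RTF),
                       ("report.doc", SAMPLE_OLE2)]:
        print(triage_attachment(name, blob))
```

Both findings are triage signals rather than verdicts: legitimate RTF files are sometimes saved with a .doc extension, and `pFragments` also appears in benign documents with freeform shapes.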

    To know more about previous threats that took advantage of the Olympics, World Cup and other major sporting events, you may read our entry Sports as Bait: Cybercriminals Play to Win.








     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice