Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    December 2014
    S M T W T F S
    « Nov    
     123456
    78910111213
    14151617181920
    21222324252627
    28293031  
  • Email Subscription

  • About Us

    With the amount of media coverage surrounding this year’s papal conclave and inauguration, it’s hardly a surprise that cybercriminals have taken advantage of this event to victimize users. We recently spotted spam that use newly-elected Pope Francis as the subject.

    These email messages use the new pope and controversies surrounding the Catholic Church to pique the recipients’ curiosity. To convince users of the legitimacy of the emails, these cite CNN as the alleged source. A screenshot of an email can be seen below:

    Figure 1. Sample spam entry

    It should be noted that while the topic is supposedly about Pope Francis, the email below calls the new pope Benedict, which is actually the name used by his predecessor.

    Figure 2. Spam entry with wrong headline

    The embedded links lead users to sites which have been compromised by Blackhole Exploit Kits (BHEK). Blackhole Exploit Kits have been used to deliver a wide variety of malware incuding:

    • Infostealers
    • Backdoors
    • Remote Access Trojans (RATs)
    • Rootkits

    We detect and block all related spammed messages and all associated URLs.

    As for the related malware, we found out that the final payload (detected as TROJ_PIDIEF.SMXY) exploits CVE-2009-0927, a dated vulnerability in Adobe Reader and Acrobat, to perform its routines. Thus, users must ensure that their systems are up-to-date with the latest software update.

    Catholic or non-Catholic, Pope Benedict’s resignation and the new pope’s inauguration are news items that can pique anybody’s interest – and definitely a good chance for cybercriminals and other bad guys to con curious users. It’s not uncommon for these crooks to ride on certain trends, news, and events like last month’s scam that used the popular Google Glass competition.

    However, users are not defenseless against this type of threats. Social engineering techniques can be convincing, but by knowing how it works, you can prevent these ruses from affecting your online experience.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice