|
|
|
Text Messaging Used as Malware Lure
By: Ryan Naraine
2006-06-23
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
Botnet herders have found a slick new way to hijack data from computer users for identity theft.Botnet herders have found a crafty new way to lure computer users to maliciously rigged Web sites—via text messaging on cell phones.
The latest social engineering trick is to send SMS (short messaging service) alerts to mobile phones with a warning that the target has subscribed to an online dating service that racked up expensive charges on cell phone bills.
The message includes a URL for the user to unsubscribe to avoid the $2 per day charges.
According to a warning from anti-virus vendor CA, the URL points to a Web site rigged with Win32/Bambo.CF, a Trojan horse program used by identity thieves to hijack sensitive user information.
The fake dating Web site associated with the scam has been set to entice targets into entering the phone number. At this point, it attempts to load an executable file called "unregister.exe."
Interestingly, the Web page does not attempt to exploit any software flaws. Instead, the attacker provides step-by-step instructions to click the "Run" button on each warning page, providing an easy way around the Internet Explorer security warning prompt.
 For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.
If the program is run, it installs the Trojan, CA said in its advisory.
At press time June 23, the malicious Web site was still active.
Websense Security Labs, a San Diego, Calif., malware research company, said the bot is a variant of Dumador, a back door that opens two ports and allows the computer to be remotely controlled by malicious hackers.
Dumador is controlled by a Web-based HTTP controller that is used to send commands to botnets.
A botnet is a collection of hijacked computers used to send spam or launch distributed denial-of-service attacks.
While bots are mostly controlled by IRC (Internet Relay Chat) channels, researchers at Websense say Web-based controllers have become popular with bots that are used to capture and transmit keylogger information and to store user data.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
|
|
�������x}r㶲s\@♵MQHS-ƶ,y&uT� I)R|IN~b:?qt�M�=3>dl��@oh4�?�y$3G3L{L�cnQ;uGuޙ%w6{'R(-GkP+N-˛i:@
4�k9�9>usM�����>��;|�9|@vD��%�j'~Cm3czcW6ژz29m2�f��E63JG�}9D@�~5;�m�(EL@.l\(�:{ c� [t�T�9/yT|���wTsǦ;�=a�'B%h��G�Qus_7;x'Ț?�_h@AUw0vKfO�N-G ȓ�ڭBul�t�iors!!ksͽ>Hݠ匝oq@ؓ&Ith�m5�b'R#b�#�:�Q�^]ݱ��&R,R͌iAw4Ԭ=iQ��z3��g��#�-}�2�E9$�7��\4RX_3'A8:A'lǦ,jO`U[۾x��5v:s'sz3r�x�K��KU_�z�cnhބ�;曎��L\:j/�yÙF-Sԗu@UZ+��R^(�i�νgDU3}77��*�
E2G|���q7�Z}��m9>xMSj�stuO}vN�6ox��vtx/ȯ0wIL~'@Dr�T*4ND��&ͧĆ�WP� u�ϑjzQ�[N-ZzQ-�jR;,kz� f�V҈�'�E)ԑX�;lji_WW^GW wbL,!�ZUU
�Z*]?#;Sjqsr||qӹ8I�?u=$%t:�+?ۦ�'_Z-կ7#x0�u=`kh2�`;�9RVKJ=�Oݣ6Y$Y)�q~F��黚(-4K�93}1c%? ,�_��%?f�k��3
Jo SE@;-�uj���+U:oU�_&T3oH�2����]#w�� a6F�AL4�\� ��A�CxdMi�l&XJp;�Q�=m̗V/``(A/g�m�Ru3
.�
qf�1;A0<^fD/�_��\D�
1
p��${"�.S4�epv��~�ZnV͉*YX]uUjZlp�Y?�iKouq__I{v��ǫD
�#��EHYf7-vI0�갦tTzd:7RA ^,ԕo+& rO�f[Ԗ-� u5o~O����:mNR�m:;Sjicvi|��
Q�}Ц�ޣ<5}M���I70i�|�V835�uӹgA �{>�0��}sJY#D�$�7
�l"�v̨
C|'s\(Lw^ c�2r)%łdhG�!"�-i]N�P@A�r6<��-;�,rr�d+��+~Gy=#!b\[2��(nO�q$9cg��ڹ&,�,ЂW-Ktf`(L=?뺾j1!��G�,D`v9r,L��.�[
ϴ�X�k%jvV+E�6
��oL}ơGSyJ^.(���Rݗ�?3�w8L�T�#Wu�??.�� 7R��iBI1?,x݅PǷG#S7a�4EWPo_�j�;@1E�L$k�mmjBB63 �]gʠ���F'(���_u˙��,g[*˗���(Vzqrn7��C��p�l�>H����_Nw\Գ&VAB �glCC��{�ޡ[Y3T w^;=�=PgaE8F<�b5i%fQ7=KęR48%1LasW|��](uuOKӬ�YK�uoo[�9(ĿKӺJ�J'-�H"oh��koռE_x�ee8Hy K-C�r�`}.E�6K�h�/00��Ϳl�]�86p#��{��+EE.MLXZfFV+�zJT*%y<-p�X"�@�7w
�R&a+\Ҩ�O`O#g�Au,0Hoj�h>ǎ_>ht��N.�*نhpf�NjpLa e�.6BUjB3T�&f.xd\4�8�(�V,'`#3�TWc=Ngf/.,gKI{yMٕ.ZRL�|rn� [Ar��.�hfl:2-�y��\m6ڈy֚j�o&JPT�q9&"_G5�k�^��˥�Wȱ,>�3躢ƍG�ıf3t)erns�p���&��'携iH*�� !/Za姚�+��5GANj~Qc4s[!䊻��!`Tjcf�qu�MTn����glQIBeͶwPĈ>A�5 b�d��]D�{Z�m�gH�i��A�Db�����$6��\,0�|*U*Uˈ`f�@@�S��
∛.ZE^~~�V�%Ŵk��zT}Q�ː
0gxyd{�.>�3IZ+�k��ft�E)W�JJZE�g�+ˏxW�E�BIͨ��8�PyL�&{-K��eX*`�=BZ�_,EOMqѡ,u�`�k�UQl�i:pnM{��y�~�t=G�qD�O��ԀH
5^�Fl.+RqN�� ?�g~ww$���H{AMzȮO).BV�a�{voqi(D�k^��?zC-�Sb_@�7B^+*5�7xE0�-"�fdaDGw=8bC�-�YM�^pߎ�XA�m9k+sD
�ü�
�|3�3Jјs3ѹdNkl s��ܒ;��!k̀X�W-7|*�81B�|�@jm�E|�\D"pLn�ap�8z��W|�_l6AcVg\T`u�Ej9z�)HÞ1=M{6w5>5�[G���^-a51t�]ߘ렚1y>c�2V&Ob
(Z��Kj�p9M�bT�t?$7@$J\QCV�:]͠1p�
Fu4�yH>rS-b dqi#oZ�URXUʅx7
�\tjdm
�
��LqEab;?ͅg;gkH> �B�55ԋbq4wq#̨y .Ɠ!��s�kg O=�̦:Z�k3&tƝ. �y*1�a2(ۄ*knI$G� �a
T�Cf@5I-֊R{����=2@iAtA�*�}/*\F�Iv�⿿辶tל��8@|��h��^%
͇R%*m\�~ܑN�c��'JA)�ݥ,z$�x�0JP-֫`7��ʠ��K<� �J�;!�]DZq|V
n�i*<ޣm��Rٛ8r��$DDOC�VnF�gX&1W+�+ڼ 2Z c�Cs7{�V}{�" }M
X7I�@��Ew%]�7>)l�{їNZ睳x�ŹǏ{�/Nӽ'�"h�r|8)��ZyR�v�5
}U\�O��V%�?\u/yC�[�q�߲gU=H3 J@�c�$9Ĩڐ}vl��w.>HW�6Y�Dh0\�< >n=�p[W�:�KGݳ�?w@:�m)�^{)z2W#&:|gO*�a�ݺ
�?>m6<İ&IEq#S�!L0M����H!oy,ݫ�'�^�tƩ�}UYhr��q6a'lCꏝ�/A�֭�Ě_�f?B!|F�6�}j? IZ���Í7�6w j�E�P>AR��9mũ-ݱ)co�WO�4dkwX�7f8!M�L:ݷFa's
]7+�dNiamơ8�
��J=~Nl'Nt:�D�y[e{wCȊ̙S.zr!�
>&�Yp�2��M�3}>��Jf�x7K�i^hΠt4u꾫}�{!F.
o06.s�T�7?ieܰwߵ=
=z�.+-R!EkE��wWcU��T뫳yu�Z�ГG���eo!jv.bϝ�o
�14+�-*z3\m[fvÏ9"i� �@.-vci��2�O�[CVorl8Grs&�c��#PfQ�l?|f���l_�!O�"%�FJL�c-ˆ�@|Ր8��ntpmU0p1-�8\b�:2�֬�$�<+;m̂1x6L2i��Kp_Rۯ_Lg�__B�!C9O4y˭ LdT�/5rK[�⹋^]l؍o%n<-��珰F�M�
y6u4�RW*xDI#/z�{�_p�}�KݖQC�Ug knpuL�1sg+v|R��/c�拂��_
s)'5K5�Gt��
ܴ)��xJwȩvG6_�ǞZx�Όg�ݱIf�PE�umҟ`\+ L}Sds�(J3�{/�c�<쵧3yǿMo}F4
\iK<�:Uٽ,6w/� q;I�Ż�~)41xc��˦i`'a���_+�9�;)5{b=5'Cq
$hf@���� �J#jv^�vS��.��l�I
>aB4�&����R�*wGP@8)Ut8�KjXWeb6�z�U�p$�Gh�@�r<"���?T~X ��$4
wo/%E��zS_0H
IE-H 1^%M̡"uiTt~ޓPNtQ)R9�=a�A�����^���
2
�_Ph]:Fyҧ�+�q��L;ΔJ�u+ N[kZ!��� ��u"�o`�,[uvگU=�]˒i>��kj֥^j?�b�VlM��e=UFpCB8r�.����qs[PUR
RJC�#לfy7<�W���%J��C ��^X .<`YGXq+*H@(̊T�H�b1ڃjt�ǁDrs*��ROצ�f]*SH�yH�,��K4 X�, ���y 4D4ږ:�WkY)w4[4Gy�{�u��__�Ae�phg�_3K-V�:` ��+Zen5nUqn$88 :aaaa�RX=�ɫp+:Pq\QvǥܛC���LyΨ�K֕'af4oCuT�>�_� �F��ay
פ.�~)]p��|�I}y;ߖڏ�- F�HB!Me4-XI7g�94ճ^ƙ~1Wg;T�UB$e[�(.zV�pI-xw1�b0� ]z�>�?!�HB�E�D�AD�I�4E1JTE�ԓ1|�i���a G:7EnHg�@;D�N�c3Sb�E._�`!��!Z&*=qav$�Q.>FD�D=�a��,�nf�^i�DxR�V3e �ʹk�-9#���VRJI���o��@e[!TL�A}JDK#)|� }x0tYj�`0<�u�����IDg� �^~�\ o���d=5�lς�*&ޏК�` ����K8�ZzX
gaq*�e.�C<ɐ�ыD����6-.z`MϤV�W;#L[V]/���w�x��\ '�=�vֱ6f�>\l�:[*�=s�KC�:^%x/� ^{w?&6"*�}m�_8M95̭&i㍣}�e�CZx�.7y��XDC'��#��ٸV,��x
�Oxk;�C�νvE��[jHGv)K1�%. %w_�1d�o0�knobk�=�#&wɒ8�o(xo.yu!-g�c3[n Hp9�)|O�Z��v�rΠZ~PxJܱ;.VE�]/~ԆˤR:?sfe}^��Pj/B�rdw:�\햎9Ez�L6n�B`ԜBm`f"$;69㵙t=f}Aͽ=V�Y���U3V��VvEaFf0m5m�YޥS.%9{V2~�jj&rk�w�Sz�݃�[烐yG�Yj|ubMΫ84F87?�=��+┱fne�O�%s��5�P��D�Гl�Av�|woױw11 נ18wi)@QAy�HLS�.V-J
v'*`,k;�pO◼&�}���-{8S�D�?\<9C�!��72���n�O5�|�&�}6�}vGe���ٻgg_Q+쩵�e�,7¯ ţdRPh���?3vDC3* I3!~^�c��'27zA���@�amI��Y�l#xG49�T4�[o�ꨯY|y�#o?Ǯ)&�e,,�f(�wWOt渾f�?�$R�M:�_{���E
�dB
p�{<�O�{;Q'�Htc""E<;J�wD�^W
z]kN9-i?��*~;؍P8[,z%Kpf{$1d�_
,މa��=, Ⱦ3[�
F�TeQWǝ2%}'(Us��O(aZ<�+I#C!1{H��id=$F�d�ygD��l�GʨX�[[���a v��Zgd�B�8�AX��ˋ����AE&�;.}�A�8?؎;լ�) 6�ǜ͂͢E�
tM�cs95T�j~r[Z�R,w9Y�do-?1}:f[#k|CUA2�Arj�5�%�^�\U�BI��ϟ�Z�k>�wnlS�3#66j=!v�6j=!vUצv�%��7cXz9;.�@ 57:Qb nsٷ\'קE[TcvX��ˮm6��)E��� ��dn-)�jX�u>I�Tnp]jh�XҸHd�5̮VV@-�JR;�w(k1�ίؑZ�fKu_.(݃1�5r3l|nz`9wOBuO�.hG�F^Fno�yJbm͵p[ř�Ra
*z�,T$)�e��O}�K[\P`ezrϵ[ʃ�0@̵��ǪFc4ݵXãQK�k qL�I�XC�@/0s{Y[&nAµmLlz:ErL�Dnhfˉ^Dyj�$Z �Lױ{�#/ղuNh0@�Va�\|fV\і��m-<�]��F
bh��>SlS��@$�M
g~R:,]�+s�Y�lړb
���&+Pz�X_ŌVb\>2դN[#Ļ�^ѱ4�*c�f�Sx�cD}�x�b�bh&PJjN�T]OpY�]XC3 �_^VH
o�b[Ѻ�expAJ�"*�r[:L%(f[ʇt�Mp77aT0�|L�F�|xXثT�~
�h�:���hTu
o`�\ w�{�̥�7b?= nNN��9��wǃ�"�a=X@*>In�$%�H�"]��UC�`�xI>�f꜑Mza�E�t(M$=7X.xwa�K #i��:fl�_�=��R�dW;s?wCy'�&gաu珽
tC{)�x9[CG)W��9D#M>�Sh|�"1";�)'0�枩8T1,g1.�k��M(q�i+8z{:ǂ~ s)aR;8!Q6IL�q�X\~DB(6s�
k�cuú~61uOFx�`��p���3�W�.Ԕj�< LZ��
E3�ʰ�XQʱ�;(^�;�[2�qrÅJR �`x�FNRsdhhz߃;G<
LB،Pf��1C39^�9jIwtչw�}ֽ�O֊��_%l՝Es5OL�41F;'�mi+�i(@\NSʩ`Q{̥,�%
Y
�w�"^`��V
�CrXmn8~�(�hO!v{Qt/ڹf`Rb3 dzP1W(5
ʯ֗�R[)](璉#ח���)GP~�s��)p
O;ig}y8�C:)CL"�I^R�?/?�g)j9���ss�yρ>S�<>G/R ?BiJ?�)P~R�{2�?�)s�w2]7]?��M/@�)q _�sB?=�/e=�/e}~
�Z_~
uB_SZ9S>�>�oʁ~oR�ڿIi�&NR�Ru�S.�ÔryB/
ȋOi射8I)Cy<�<^`k�)x�s�{�9;[?L_;GBX\Jrp+W�^i5�vIAʰ۸/6�^a/
��^敽I$'x�0�r1hpVydcR�
byeo?+�bw;]�Sܤ�\�j. {] r-Xѧ��o�z5_9��9�*�5!==
cTHD1K�A1_w)�ݥ,O�;H_=�hĽO�fkb{� �g�pmঠǻ-0.: 7W=M
�\�wڝGf{uee�Psv�de�K췡\2赏:6�i_]��mОO�E�>~3XV�N)pB ��^a�%I1z�I�f�'��vZ{k��+
7\xoc
�ď;c����21ArPTTR;�"�M�#x�O
R�5w9�س��V�R�`"!
*�s>P�`2Ϛ*!K0fy�=v̐g�a��0V�J�!'\B�xG�tm!2+2f�dof�2�
@aw8a+h;R�Q X�~Y8P"`!�I�؞8�F^·$�]?�7,I�ǤK�4l&�Klɜ]k'b�'6Г9)pЙ5ӄ��YBD˸LX
v;n\n�Xr�$LOd�
b|J1�1)��e�퉷5_�YL�BrR&�z�F�du#�aq�q6�3�o{Zf$�6mHn�@��pM\.�tYms�grn��k:�vԙep�s��,�x`_MO�kz1jx��B�-�o�;4m�F22XGqo�&$�l }_�|f�]3x�37�9=z`&<�aO,|Ŷ�/�G㽄$ l�L�1t^�����ɡ=�WrSD)�4!!1苄I M&Z�?;S�fQH頲�;y;6 4��9fo�5�FXk[n璑LZt6ql>9Ks�g�A����
>%�Ͷ�
jc���f\�gHAi'J�:�VZ`-���f�Y{6�Dπj�
gyyU�� (p2�T"czG-g9=bb
RJu�^m
\}"1b9?���"ㅰx�j�TL�,sD��=�%�K�)u@A� ��u�Xl3%^z'ޒ{Zf_V�e�ń�!z>HiU_w�.
$Cb9G(]!�
MAE~!O'
Ͻ�HO(t��FI
cR'�^- ���,ڎNL[u�U|ٲs1ebV!qme��f�ӧZWޓ-[@��O"O�CZ24@y��nخ;O�q^'��3>F�rx{Ko&s1$(+f'#�~,�3VO��e �Mt8?Bs �ܐ}olI
�CWs��?�Fq:h�/�A.�sl2qV83@WD0;"K
�J-˴1u¹"UXJَb
,�� ~:3_�ƝNQh|�W�9�!�-�u6ll�/�^q=˼+AўY�n|hd%K^FM`Wp�ۂ{�Xi[���RpCV)�tOK؍狰��MYf�
Q_�X��(K#
LwINps::hՆG���H�Ǹ[�[�Qy: <Щ�1XM.vQEeNܔ�1uFEm�khT[[�%*lˢ�M�)/߶�5pݼ¶,�yX��F\'XۙB
ya1 g'{y6W=?5z��d�;3F;i<>,eW7,,�L[Z']Z�!hXr���E"
a~9'm��3�3=,@a)5|d��f�Sw
�O80�Ux\�4.>ϝ?^:?r�y9rf,�E�J^+d+KWԱ0[^�C�"�c-��sq7M'�S�&DW6K�5�4Ƙb>0�wMX�+0_�k��A�s�DeU��|tCGYEL`&;]+
Nťt&vж?TH0H6�c�5cP.X��-nįB@�� ��εx C��,$?��ˋ�}��39�9�.@$�NSP_Xћ�]<"D+ �s+���Sq�|>k/]7�,{їNZ睳<|�X�ip z�']f�+FRq�OT||8(>u"34�>~^_�KAE�y鑢%!tI��B,E�w:>\|Wzv`on��s�g?p7*Ѡ~oL���z'�l5mEg,(3l�W'BVt; og"f/F1ئd��4s�_hj�*J6]MXat8|[96Nv6̈́M
.bF�;f�1Բ�ՃCF*��
|
Network Security & Hardware 
