|
A new spam botnet troubles users, especially those looking to see more
of the “spicy” material overrated names like Britney Spears and Paris
Hilton could deliver. The botnet uses emails embedded with bogus
Britney Spears and Paris Hilton Google search links leading users to
malware hosted by the infamous Russian Business Network (RBN).
According to the popular security provider BitDefender the e-mails do
not embed a typical URL link as they should, but apparently use Google
search result links such as "www. google .com/pagead/iclk?..." so that
they dodge url-based spam filters.
What
the new spam botnet does is direct users to a site promising explicit
videos of celebrities including ‘New naked Britney video’ and ‘Paris
Hilton New Video Auditioning Topless’ (like there would be anything new
to see there) which hosts malware.
If you did “manage’ to download and execute the malicious code, dubbed Trojan.Downloader.Exchange.A, the result will be more malware downloaded and executed.
As
BitDefender’s Defence Center blog informs us, when users check the
link, they will be showed a link to Google, however Google in turn
redirects to the site specified as parameter in the URL.
The
blog states that “Google uses these types of URL"s to redirect users
who click on advertisement served up by Google"s AdSense program,
however insufficient parameter validation means that malware authors
can modify the URL and use it to redirect users to arbitrary sites.”
The
same security company reveals that the malware host, RBN is known as a
safe shelter for spammers and malware writers worldwide.
Known
as celebrity spam due to its use of notorious names such as Britney
Spears and Paris Hilton"s (who can possibly guess why), this type of
malware has been using this method to lure users into accessing
malicious links with increasing success.
|
