Presidential election spurs malware-laden CNN spam


Spammers taking advantage of the presidential election buzz are delivering the banking trojan Zeus to users who fall for email ploys purporting to come from CNN.

Users, primarily in the United States and Canada, have been infected by the phishing campaign, in which emails made to look like CNN news articles about the election link to malicious URLs hosting the BlackHole exploit code.

Security firm Trend Micro published a blog post Thursday about the Zeus variant, dubbed “Tspy_Zbot,” which deletes the initial executed copy of itself and monitors user activities to seize login credentials used for online banking.

Jamz Yaneza, threat research manager at Trend Micro, told SCMagazine.com on Friday that it's nothing new for attackers to leverage popular news to spread malware. What's unique in this case is the new variant of Zeus.

“We keep seeing this every time there's any kind of major event that is going on – in this case being a political election,” Yaneza said. “The bad guys always seem to use a new variant that will target victims through email. They are using the BlackHole spam phishing kit to make these emails or subject lines more humanized or professional.”

Yaneza said users often have no idea they have clicked a malicious link, as redirection to a malicious URL occurs in the background.

Security firm Websense also detected the phishing campaign and published a blog post Wednesday on the findings.

"Specifically, we have detected thousands of emails with this kind of content," the blog post said of phishing emails that read "CNN Breaking News" in the subject line. "We are seeing an increasing number of spam campaigns with malicious links that lead to BlackHole exploit pages."
