Presidential election spurs malware-laden CNN spam

Share this article:

Spammers taking advantage of the presidential election buzz are delivering the banking trojan Zeus to users who fall for email ploys purporting to come from CNN.

Users, primarily in the United States and Canada, have been infected by the phishing campaign, where emails that look to be CNN news articles about the election link to malicious URLs hosting the BlackHole exploit code.

Security firm Trend Micro published a blog post Thursday about the Zeus variant, dubbed “Tspy_Zbot,” which deletes the initial executed copy of itself and monitors user activities to seize login credentials used for online banking.

Jamz Yaneza, threat research manager at Trend Micro, told SCMagazine.com on Friday that it's nothing new for attackers to leverage popular news to spread malware. What's unique in this case is the new variant of Zeus.

“We keep seeing this every time there's any kind of major event that is going on – in this case being a political election,” Yaneza said. “The bad guys always seem to use a new variant that will target victims through email. They are using the BlackHole spam phishing kit to make these emails or subject lines more humanized or professional.”

Yaneza said users often have no idea they have clicked a malicious link, as redirection to a malicious URL occurs in the background.

Security firm Websense also detected the phishing campaign and published a blog post Wednesday on the findings.

"Specifically, we have detected thousands of emails with this kind of content," the blog post said of phish emails that read "CNN Breaking News" in the subject line. "We are seeing an increasing number of spam campaigns with malicious links that lead to BlackHole exploit pages."

Share this article:

Sign up to our newsletters

More in News

Medical transcription provider settles data security charges

GMR Transcription Services in California agreed to settle FTC charges related to its security practices.

Researcher hacks network connected devices in own home

Researcher hacks network connected devices in own home

In his own home, a researcher was able to hack various network connected devices that are not computers and mobile phones.

Study: Most higher ed malware infections attributed to 'Flashback'

Study: Most higher ed malware infections attributed to ...

Flashback caused a stir in 2012 when some 650,000 Macs were infected with the malware.