Security researchers have identified a second wave of spam claiming that the US Army has attacked Iran.
The scam is designed to trick users into downloading and installing malicious software.
BitDefender revealed that the webpage hosting the malware, dailydotnews.com, is a simple yet efficiently designed site with a top banner, a simple picture masquerading as a YouTube player and three lines of text detailing the US operation in Iran.
This spam approach is designed for large scale use as the spammer relies on a catchy heading and a link to the piece of malware in order to fuel curiosity and trick users into downloading the malware.
“The new spam wave relies on computer users’ curiosity regarding the conflict between the US and Iran,” said BitDefender spam analyst Andra Miloiu.
“Users are redirected to a fake news website where they are shown a larger description accompanied by a movie player.”
The alleged Flash movie is an image depicting a movie player. When clicked, the image gives users a ‘Save image as’ option.
On clicking on either the ‘movie’ or the top banner, the user starts the download process of a binary piece of malware called ‘iran_occupation.exe’. The file contains malicious code which will infect the user with the Storm Worm.
BitDefender said that the spammers are exploiting heightened tensions in the Middle East to target increasingly worried US citizens looking for fresh news.
Subscribers 0
Fans 0
Followers 0
Followers