A new group of computer hackers began using the Gaza conflict and a fake cnn.com news site to infiltrate computers and steal passwords early this morning, according to Gary Warner, Director of Research in Computer Forensics at the University of Alabama at Birmingham (UAB). The UAB Spam Data Mine, which collects millions of e-mails and analyzes them for emerging threats, began receiving e-mails concerning the conflict in Israel around 7:30 a.m.

January 8, 2009

• Hackers use fake CNN Web site to infect PCs

• Not detectable by most anti-viral programs

http://garwarner.blogspot.com/2009/01/gaza-conflict-spam-points-to-fake-cnn.html

BIRMINGHAM, Ala. -- A new group of computer hackers began using the Gaza conflict and a fake cnn.com news site to infiltrate computers and steal passwords early this morning, according to Gary Warner, Director of Research in Computer Forensics at the University of Alabama at Birmingham (UAB). The UAB Spam Data Mine, which collects millions of e-mails and analyzes them for emerging threats, began receiving e-mails concerning the conflict in Israel around 7:30 a.m.

E-mails that claim to be from CNN used realistic news headlines as their subjects to lure users to Web sites infected with malicious software or "malware." Warner warns consumers not to open links in any e-mail received from an unknown source. To be safe, go to cnn.com and click on news stories from the network's official site.

"This malware takes passwords for online banking sites, online shopping carts, e-mail and chat programs, and FTP sites and sends them to a computer in the Ukraine," Warner said.

Malware analysis performed by UAB students, and shared with law enforcement, has proven that this malware is the same family as the viruses that have been distributed in the past by the fake Obama acceptance speech video, the fake Wachovia merger letter, and the Classmates.com reunion invitations.

"Perhaps the scariest part," according to Warner, "is that anti-virus products are behind the curve again. The odds are that as of this writing, your anti-virus product won't detect the virus. When tested by UAB students this morning, only 11 out of 38 tested products could tell it was a virus."

Warner cautions that this is NOT an escalation of the existing Cyber Propaganda War (http://garwarner.blogspot.com/2008/12/muslim-hackers-declare-cyberwar-on.html).

"These are an entirely different group of hackers, with no ties to the Palestinian or the Israeli cause," Warner says. "These are criminals who abuse hot news stories to trick computer users into infecting themselves."