Wednesday 4 February 2009, 5:35 PM
Infection began with a windscreen flyer
The flyers were fake parking violation notices, and instructed people to visit a website (which SANS did not publicise). Once they visited the website, they were infected with a malicious browser helper object.
From the post:
"The initial program installed itself as a browser helper object (BHO) for Internet Explorer that downloaded a component from childhe.com and attempted to trick the victim into installing a fake anti-virus scanner from bestantispyware securityscan.com and protectionsoft warecheck.com."
Interesting -- I've never heard of windscreens as an attack vector.
Comments on this post
"I've never heard of windscreens as an attack vector."
No - it's usually just Windows *boom* *boom*
It would be interesting to see if something like that would work better in Silicon Valley, San Francisco or maybe near an engineering college. Windshield flyers are constantly being put on cars in areas like that. The technically astute (or think they are) folks could be zapped by something from left field like that.
It's a novel approach, I'll give them that... and parking violation notices are the one thing almost guaranteed to have people actually checking any publicised website.
I never notice the damned flyers until I'm already moving, by which time it's a bit difficult to remove the bloody thing! (That's regular advertising, not parking notices, btw!)
Nick - that is very sad but oh so genius :)


