US Invasion Wreaks Havoc On PCs

Bitdefender is advising users to be careful of e-mails about the US Army attacking Iran, as they contain a link that tricks the user into downloading a malicious exe file onto their computer.


According to the press release, the webpage hosting the piece of malware – dailydotnews.com – is simple, yet efficiently designed, with a top banner, a simple picture masquerading as a YouTube player and three lines of text detailing the US operation in Iran. This approach has been used on a large scale: the spammer relies on a catchy heading and a link to the piece of malware to fuel users’ curiosity and trick them into downloading it.

Bitdefender Antispam Analyst Andra Miloiu said, “The new spam wave relies on computer users’ curiosity regarding the conflict between the United States and Iran. They are apparently redirected to a fake news website, where they are shown a larger, inciting description that accompanies a movie player. However, the alleged flash movie is an image depicting a movie player; when clicked, the image would reveal to users the ‘Save image as…’ option.”

 

Upon clicking on either the “movie” or the top banner, the user would start the download of a malicious binary called “iran_occupation.exe”. The file contains the same malicious code used to infect users with the Storm Worm. The authors have taken advantage of the perfect timing, as the recent tensions in the Middle East between the US and Iran have been escalating.

On the social side, the spam wave is targeting the increasingly worried US citizens looking for fresh news on Iran threatening to burn Tel Aviv down in response to possible US attacks on its nuclear facilities.

Bitdefender antivirus is currently filtering and detecting both the spam message and the malicious code. The “iran_occupation.exe” binary is infected with Trojan.Peed.PM. Bitdefender recommends that you install a complete anti-malware protection solution.

See: www.bitdefender.com.au