Security researchers from McAfee warn that CVE-2012-0158, a vulnerability in Microsoft Office and other products that use MSCOMCTL.OCX, is currently being exploited in the wild with the aid of maliciously crafted RTF, Word and Excel files.

The security hole was patched with the April 2012 updates, but many users have failed to apply them, giving cybercriminals the opportunity to launch malicious operations. Experts found that the specially designed files come with a vulnerable OLE object embedded and are usually served to users via unsolicited emails.

So, how does the infection work? When the malicious file is opened, the victim sees a regular document that’s presented as bait, but in the background a nasty Trojan is installed.

It all starts when the Word process opens the crafted document. The CVE-2012-0158 flaw is exploited and the shellcode in the OLE file is triggered. This shellcode is responsible for installing the Trojan in the operating system’s Temp folder.

At this stage, the same shellcode starts a new Word process and opens the bait document, which is also dropped in the same Temp directory. The first process is terminated and the victim is presented only with the legitimate-looking document.

Because the malicious element is executed first and only then is the genuine file opened, users whose computers are targeted may see Word open, quit, and then, almost immediately, relaunch to display the bait.

To protect themselves against this threat, users are advised to apply the latest updates offered by Microsoft. They should also beware of suspicious emails that arrive in their inboxes, because most infections can be avoided if the messages that carry them are simply ignored and deleted.
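
The behaviour described above (Word opens the crafted file, writes to Temp, relaunches itself on a bait document in Temp, then quits) can be hunted for in endpoint telemetry. The following Python is an added example, not code from McAfee or the original article; the event records are constructed, and the field names, the 10-second window and the executable-extension check are assumptions.

```python
from datetime import datetime, timedelta

WORD = r"C:\Program Files\Microsoft Office\Office12\WINWORD.EXE"
TEMP = r"C:\Users\amy\AppData\Local\Temp"
# Constructed events; the field names are hypothetical, not a real EDR schema.
EVENTS = [
    {"ts": "2012-05-02T09:14:01", "type": "proc_start", "pid": 4120, "ppid": 1800,
     "image": WORD, "cmdline": r'WINWORD.EXE "C:\Users\amy\Desktop\invoice.doc"'},
    {"ts": "2012-05-02T09:14:03", "type": "file_write", "pid": 4120, "path": TEMP + r"\a.exe"},
    {"ts": "2012-05-02T09:14:03", "type": "file_write", "pid": 4120, "path": TEMP + r"\invoice.doc"},
    {"ts": "2012-05-02T09:14:04", "type": "proc_start", "pid": 5208, "ppid": 4120,
     "image": WORD, "cmdline": 'WINWORD.EXE "' + TEMP + r'\invoice.doc"'},
    {"ts": "2012-05-02T09:14:05", "type": "proc_exit", "pid": 4120},
    # Benign: Word started by a non-Word parent (pid 2200) on a Temp attachment.
    {"ts": "2012-05-02T10:00:00", "type": "proc_start", "pid": 6000, "ppid": 2200,
     "image": WORD, "cmdline": 'WINWORD.EXE "' + TEMP + r'\report.doc"'},
]

def is_word(image):
    return image.lower().endswith("\\winword.exe")

def in_temp(text):
    return "\\temp\\" in text.lower()

def find_word_relaunch(events, window=timedelta(seconds=10)):
    """Flag Word -> Word relaunches on a Temp document where the parent exits quickly."""
    images, drops, pending, hits = {}, {}, {}, []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts, pid = datetime.fromisoformat(ev["ts"]), ev["pid"]
        if ev["type"] == "proc_start":
            images[pid] = ev["image"]
            parent_is_word = is_word(images.get(ev["ppid"], ""))
            if is_word(ev["image"]) and parent_is_word and in_temp(ev["cmdline"]):
                pending[ev["ppid"]] = (ts, pid)
        elif ev["type"] == "file_write" and is_word(images.get(pid, "")):
            # Assumption: the dropped Trojan has an executable extension.
            if in_temp(ev["path"]) and ev["path"].lower().endswith((".exe", ".dll", ".scr")):
                drops.setdefault(pid, []).append(ev["path"])
        elif ev["type"] == "proc_exit" and pid in pending:
            spawned, child = pending.pop(pid)
            if ts - spawned <= window:
                hits.append({"parent": pid, "child": child, "dropped": drops.get(pid, [])})
    return hits

if __name__ == "__main__":
    for hit in find_word_relaunch(EVENTS):
        print(hit)
```

The example does not handle PID reuse, and the window should be tuned against normal Word behaviour in the environment before it is used for alerting.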

Pictures of attractive young women that advertise shady diets are flooding Pinterest. While this approach is new, victims end up on the old sites that replicate news outlets to promote the schemes.

Graham Cluley reveals that there are hundreds of different posts that serve the scam, but behind the scenes they all work in the same way.

“Spring is almost over and I just lost those remaining 26 lbs. If you’re interested too, click [LINK],” reads a variant of the scam.

“Summer is about to come and I finally took off these last 27 lbs. If you’re interested too, browser [LINK],” another version reads.

When users click the links, they are taken to a site that replicates Channel 8 News. As in previous similar plots, the website is designed to appear as if the reporters of this media outlet wrote a legitimate story about the miracle diet.

The site doesn’t push any malware; instead, it tries to convince users to pay for bogus drugs. In these types of scenarios, you either end up paying for something that you will never receive, or the cybercrooks simply want the private details and payment information that you may hand over while placing an order.

For the time being, Pinterest blocks many of these scams, but most likely, the fraudsters that run them will make other ones that will roam freely until the social media network flags them as spam.

Pinterest customers are advised to be on the lookout for these types of plots and report them as being spam to ensure that others will not fall for them.

No matter how legitimate the site looks, online pharmacies and shady diet products advertised via aggressive marketing methods most often hide a malicious plan that’s designed to earn a hefty profit for the cybercriminals that run them.
