The Latest in IT Security

Bogus Olympics 2012 Email Warning Blindside Users With Malware

23 Apr 2012

The upcoming London Olympics is undoubtedly one of the most highly anticipated sports events of the year. It is also a favorite social engineering ploy among cybercriminals. Just recently, we found an Olympics scam in the form of a lottery that promises a free travel package to the event. Some online crooks, however, played it differently this time. Instead of the typical Olympic-related scam in which users have supposedly won tickets to the event, this scam arrives as spam disguised as an email advisory.

As mentioned, this scam comes in the form of email messages that warn recipients of fake websites and organizations selling tickets to the London Olympics 2012. The mail contains the official logo of the event, presumably to convince users that it is legitimate. Included in the message is an attached .DOC file that lists these bogus ticket sellers. The attachment, however, is actually a malicious file detected by Trend Micro as TROJ_ARTIEF.ZIGS. The malware takes advantage of the RTF Stack Buffer Overflow Vulnerability (CVE-2010-3333) to drop the backdoor BKDR_CYSXL.A. This backdoor may perform several malicious routines that include deleting and creating files and shutting down the infected system.
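For mail triage, the pattern described above (an attachment named .DOC whose content is handled by Word's RTF parser) can be flagged before anyone opens the file. The following is an added example, not Trend Micro's detection logic: the function names and finding labels are hypothetical, the sample message is constructed, and the `pFragments` check relies on public write-ups that tie CVE-2010-3333 to that RTF shape property.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # header of a genuine binary .doc

def triage_attachment(filename, data):
    """Return heuristic findings for one attachment (triage hints, not a verdict)."""
    findings = []
    name = (filename or "").lower()
    # Assumption: content beginning with "{\rt" is treated as RTF,
    # whatever extension the sender chose for the file name.
    is_rtf = data.lstrip()[:4] == b"{\\rt"
    if is_rtf and not name.endswith(".rtf"):
        findings.append("rtf-content-in-non-rtf-extension")
    # Assumption: the shape property name appears unobfuscated. A hit is a
    # reason to inspect the file in a sandbox, not proof of exploitation.
    if is_rtf and b"pfragments" in data.lower():
        findings.append("rtf-pfragments-shape-property")
    return findings

def triage_message(raw):
    """Map each attachment file name in a raw RFC 5322 message to its findings."""
    msg = message_from_bytes(raw, policy=policy.default)
    return {
        part.get_filename(): triage_attachment(
            part.get_filename(), part.get_payload(decode=True) or b"")
        for part in msg.iter_attachments()
    }

def build_sample():
    """Constructed message: one suspicious attachment and two harmless ones."""
    msg = EmailMessage()
    msg["Subject"] = "Constructed sample advisory"
    msg.set_content("See the attached list.")
    samples = {
        # Harmless placeholder value; only the property name matters here.
        "ticket_sellers.doc": b"{\\rtf1{\\shp{\\*\\shpinst{\\sp{\\sn pFragments}{\\sv 0}}}}}",
        "notes.rtf": b"{\\rtf1 plain text}",
        "real.doc": OLE_MAGIC + b"\x00" * 16,
    }
    for name, body in samples.items():
        msg.add_attachment(body, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, findings in triage_message(build_sample()).items():
        print(name, findings or "no findings")
```
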

Readers who frequent this site surely know that this is just one of the many Olympic-related scams that we have seen in the past. As early as October 2008, spam messages were found masquerading as Olympic 2012 lottery notifications. Other sports events like the Beijing Olympics in 2008 and the FIFA World Cup were also no strangers to this type of ruse.

As London Olympics 2012 draws near, we expect this type of threat to proliferate. Thus, users should make it a habit to check the legitimacy of any message before downloading the attachment or clicking links included in it.

Trend Micro users are protected from this threat via Trend Micro™ Smart Protection Network™, which detects and deletes all the related malware. Trend Micro Deep Security also shields systems from being exploited via Rule 1004498 – Word RTF File Parsing Stack Buffer Overflow Vulnerability.

To know more about the previous threats that took advantage of the Olympics, World Cup and other major sporting events, you may read our entry Sports as Bait: Cybercriminals Play to Win.
