Thursday, September 6, 2007

Google Bloggers be Aware

Google's Blogger site is being used by vicious hackers who are posting fake entries to some blogs.

The fake entries contain weblinks that lead to dummy-trapped downloads that could infect a Windows PC.
Infected computers are being hijacked by the gang behind the attacks and either mined for saleable data or used for other attacks. The Blogger attack is the latest in a series by a gang that has managed to hijack hundreds of thousands of PCs.

Attack pattern

These dummy-trapped links turning up on Blogger on 27 August. Now many hundreds of blogs on the site have been updated with a short entry containing the link.

Storm worm subject lines :

  • are you kidding me? lol
  • Dude dont send that stuff to my home email...
  • Dude your gonna get caught, lol
  • HAHAHAHAHAHA, man your insane!
  • I cant belive you did this
  • LMAO, your crazy man
  • LOL, dude what are you doing
  • man, who filmed this thing?
  • oh man your nutz
  • OMG, what are you thinking

It is not yet clear how the links were posted to blogs. The bogus entries could have exploited a Blogger feature that lets users e-mail entries to their journal. The blogs themselves could also be fake and set up solely to act as hosts for spam.

The entries on the blogs have the same text as some of the spam distributed by the group behind the attacks. These attempt to trick people into clicking on links and downloading booby-trapped files using cleverly crafted messages. Some can be seen as YouTube links others claim to be looking for testers of software packages or digital greetings cards.

The first attack used a spam that aimed to give recipients more information about the severe storms seen in Europe. This led to the virus used by the gang being dubbed the "Storm Trojan".
Since then group has been sending out huge numbers of different spam messages in a bid to trick people.
The spam messages have been changed to capitalize on news events and the viral payload has been updated many times to fool anti-virus programs. The group can send out so much junk mail because they have hijacked so many Windows PCs via successive campaigns.

AddThis Social Bookmark Button
RSS Digg this

Posted by Navaneeth B at 6:08 PM

3 comments:

Harisha - ಹರೀಶ said...

Hey, is it really true? Where did you get this information?

September 6, 2007 at 8:44 PM
Unknown said...

yes,it's true.It was announced in national television in tech news.i collected more information on this and presented here.

September 6, 2007 at 9:17 PM
Suresh S Murthy said...

Hey will the word verification stuff used by blogger before you post any article not of any help?

September 11, 2007 at 8:25 PM

Post a Comment

Subscribe to: Post Comments (Atom)