Election of New Pope Becomes Latest Lure in Malware and Phishing Attacks
Fake CNN breaking news alerts use news of the day to serve malware - Cyprus
financial crisis also exploited by cybercriminals
MCLEAN, Virginia, March 21, 2013
MCLEAN, Virginia, March 21, 2013 /PRNewswire/ --
Commtouch^® (NASDAQ: CTCH), a leading provider of Internet security technology
and cloud-based services, warns that cybercriminals are using the public
interest in the election of Pope Francis as the latest bait in malware,
phishing and spam attacks. Commtouch labs have identified a drive-by malware
campaign that disguises as a bogus CNN breaking news alert.
(Logo: http://photos.prnewswire.com/prnh/20120501/529254 )
The e-mail links to a manipulated Website that, when opened in the browser,
infects the user's computer with the Blackhole Exploit Kit, a popular tool
among cybercriminals to deliver various kinds of malware. Over the past 12
months, drive-by attacks - which use a link to an infected Web site instead of
including the malware in the email attachment - have become a favorite
delivery method for viruses and Trojans. The current campaign uses a fake
sender email address consistently named "CNN Breaking News." The spam message
usually contains subject lines such as:
oOpinion: Family sued new Pope. Exclusive!
oOpinion: New pope tries to shake off the past
oOpinion: Can New-Pope Benedict be Sued for the Sex Abuse Cases?
Commtouch labs have so far seen three significant waves of the pope-related
spam earlier this week. In those waves, more than one quarter of all emails
(27%) came from addresses in the United States, while other sources of the
attack included IPs from eastern European countries such as Bulgaria and
Serbia as well as Brazil.
This campaign is part of a wider effort to use current news events for
distributing spam and malware. Currently, Commtouch labs are tracking drive-by
campaigns utilizing the attempts to solve the financial crisis in Cyprus in
the same way. In addition to fake CNN alerts, the BBC has also been used as an
alleged source in email carrying subject lines such as "BBC-Email: Cyprus
bank-Levy Passage in Doubt as EU Shows Aggression". Commtouch warns users to
be particularly wary of email news alerts at the current time.
Analyzing more than 12 billion transactions every day at a rate of more than
138,000 a second, Commtouch and its Internet Threat Analysis Team identify
threats based on a comprehensive analysis using Commtouch's GlobalView™ Cloud.
For more details on the new pope spam and other threats, visit
Commtouch^® (NASDAQ: CTCH) is a leading provider of Internet security
technology and cloud-based services for vendors and service providers,
increasing the value and profitability of our customers' solutions by
protecting billions of Internet transactions on a daily basis. With 12 global
data centers and award-winning, patented technology, Commtouch's email, Web,
and antivirus capabilities easily integrate into our customers' products and
solutions, keeping safe more than 350 million end users. To learn more, visit
Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and
Commtouch is a registered trademark of Commtouch. All other trademarks are the
property of their respective owners.
Brian Briggs, Chief Financial Officer
IsraelInvestor Relations Contact:
Commtouch Media Contact:
Zintel Public Relations
Press spacebar to pause and continue. Press esc to stop.