
False news about Olympic scandal used to spread malware


Leveraging the hype around the 2012 Olympics in London, cyber criminals are pushing out malware via spam emails claiming that Gabrielle Douglas, who won a gold medal in Women's Gymnastics All Around, will face a lifetime ban from the sport. The attackers evidently expect that false news about a doping scandal will help spread the malware. The email contains a link that opens a fake YouTube page, which prompts the visitor to download an Adobe Flash plugin to view the content. Sophos, which first reported on this spam, detects the malware as Troj/Agent-XIK and Troj/JSRedir-IA.

Here is the body of the scam email:

Recent Olympic gold medal winner, USA Women's Gymnastics winner Gabrielle Douglas, faces a lifetime ban after reportedly testing positive to banned diuretic furosemide. With details of the case still emerging, British Olympics Committee has ordered a suspension of the athlete until final results arrive.
View the video on youtube now

"As always, remember to think twice before following links in unsolicited messages," a Sophos spokesperson stated. "And, if you really want to keep up-to-date with the latest goings-on from the London Olympics, visit an established news website for the headlines - don't trust an email that arrives in your inbox out of the blue."

[Ed- Using a big event to trick people into opening attachments, clicking on links or any number of infection methods is not a new thing for malware writers. They bank on the fact that people love a scandal and on our voyeuristic natures. The popularity of YouTube and other social sharing sites has given many a false sense of security when it comes to links to them. Both Facebook and YouTube have been used with this in mind. We highly recommend that people maintain up-to-date malware protection and also avoid clicking on links in emails, especially when they contain such dramatic headlines.]
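
The lure described above relies on link text that names YouTube while the link itself leads somewhere else. The following is an added example, not code from Sophos or from this site, showing how a mail filter could flag that mismatch in an HTML message body. The brand allowlist, the function names and the sample message (with `example.invalid` placeholder hosts) are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Brand keyword -> hosts that legitimately serve it (assumed allowlist for this example).
BRAND_HOSTS = {
    "youtube": {"youtube.com", "youtu.be"},
    "facebook": {"facebook.com", "fb.com"},
}

class _Anchors(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None

def _host_ok(host, allowed):
    # Exact match or a true subdomain; "youtube.com.evil.tld" must not pass.
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)

def mismatched_links(html_body):
    """Return (brand, href, text) for links that name a brand but point elsewhere."""
    parser = _Anchors()
    parser.feed(html_body)
    parser.close()
    hits = []
    for href, text in parser.links:
        host = urlsplit(href).hostname or ""
        for brand, allowed in BRAND_HOSTS.items():
            if brand in text.lower() and not _host_ok(host, allowed):
                hits.append((brand, href, text))
    return hits

# Constructed sample: link text taken from the article, hosts are placeholders.
SAMPLE = """<p>Constructed message body.</p>
<a href="http://video.example.invalid/watch?v=1">View the video on youtube now</a>
<a href="https://www.youtube.com/watch?v=abc">Official YouTube clip</a>
<a href="http://youtube.com.example.invalid/x">youtube</a>"""
```

A hit is a signal for quarantine or a warning banner rather than proof of malice, since legitimate newsletters often route links through tracking hosts.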


Last modified on Saturday, 04 August 2012 19:29
