New worm thinly disguised as CNN breaking news headlines

Jan 21, 2005

Virus researchers at Sophos have identified a new worm which poses as information on the latest news stories. Crowt-A(W32/Crowt-A) takes its subject lines, message content and attachment names from headlines gathered in real-time from the CNN website. As well as providing keylogging and backdoor functionality, W32/Crowt-A attempts to send itself by email to addresses found on the infected computer as if from other addresses on the infected computer. The email's subject lines, message content and attachment name are generated from headlines gathered real-time from the CNN website.

Crowt-A's subject line and attachment share the same name, but continually change to mirror the front-page headline on the CNN news site. The message text is also lifted from CNN's site, duping the recipient into thinking that they are reading a bonafide newsletter rather than receiving an infected email.

Crowt-A also installs a backdoor Trojan function. This attempts to log keystrokes on infected PCs and sends gathered data to a remote user. These Trojans are often used by hackers to gain unauthorised control of PCs and to steal personal information such as bank passwords.

"Virus writers are always looking for new tricks to entice innocent computer users into running their malicious code; this latest ploy feeds on people's desire for the latest news," said Carole Theriault, security consultant at Sophos. "Many people subscribe to legitimate email news updates, but the message is simple - businesses need to makes sure their anti-virus detection is constantly updated and users need to be suspicious of all unsolicited email whether it's promising celebrity pictures or news updates."

Although only a small number of instances of the worm have been sighted so far, Sophos recommends companies protect their computers with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.

Explore further: Greenland darkening to continue, predicts CCNY expert Marco Tedesco

Related Stories

Recommended for you

OrangeSec pair said Cortana visited Android

15 hours ago

Can, did, Cortana work on Android? A talked-about act at droidcon 2015: a presentation titled "Cracking Cortana." The OrangeSec team arrived at the Turin, Italy, event to show their work in a CortanaProxy ...

DOJ, FBI acknowledge flawed testimony from unit

17 hours ago

The Justice Department and FBI have formally acknowledged that nearly every examiner in the FBI Laboratory's microscopic hair comparison unit gave flawed testimony in almost all trials in which they offered evidence against ...

Germany still has some way to go to 'smart factories'

18 hours ago

Collaborative robots and intelligent machinery may have wowed the crowds at this year's Hannover Messe, but experts see German industry as having some way to go towards incorporating them on factory floors ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.