New worm thinly disguised as CNN breaking news headlines

Jan 21, 2005

Virus researchers at Sophos have identified a new worm which poses as information on the latest news stories. Crowt-A(W32/Crowt-A) takes its subject lines, message content and attachment names from headlines gathered in real-time from the CNN website. As well as providing keylogging and backdoor functionality, W32/Crowt-A attempts to send itself by email to addresses found on the infected computer as if from other addresses on the infected computer. The email's subject lines, message content and attachment name are generated from headlines gathered real-time from the CNN website.

Crowt-A's subject line and attachment share the same name, but continually change to mirror the front-page headline on the CNN news site. The message text is also lifted from CNN's site, duping the recipient into thinking that they are reading a bonafide newsletter rather than receiving an infected email.

Crowt-A also installs a backdoor Trojan function. This attempts to log keystrokes on infected PCs and sends gathered data to a remote user. These Trojans are often used by hackers to gain unauthorised control of PCs and to steal personal information such as bank passwords.

"Virus writers are always looking for new tricks to entice innocent computer users into running their malicious code; this latest ploy feeds on people's desire for the latest news," said Carole Theriault, security consultant at Sophos. "Many people subscribe to legitimate email news updates, but the message is simple - businesses need to makes sure their anti-virus detection is constantly updated and users need to be suspicious of all unsolicited email whether it's promising celebrity pictures or news updates."

Although only a small number of instances of the worm have been sighted so far, Sophos recommends companies protect their computers with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.

Explore further: Sony hacking fallout puts all companies on alert

add to favorites email to friend print save as pdf

Related Stories

Flipboard buys rival news reader Zite from CNN

Mar 05, 2014

Flipboard on Wednesday announced it is buying rival online news reader Zite from cable news stalwart CNN, boldly declaring a bid to become "the world's best personal magazine."

Twitter names news chief, from NBC (Update)

Oct 24, 2013

Twitter announced Thursday it had hired former NBC executive Vivian Schiller to head its news operations, as the messaging service ramps up efforts in the field ahead of its stock market debut.

Recommended for you

Sony hacking fallout puts all companies on alert

7 hours ago

Companies across the globe are on high alert to tighten up network security to avoid being the next company brought to its knees by hackers like those that executed the dramatic cyberattack against Sony Pictures ...

Ear-check via phone can ease path to diagnosis

9 hours ago

Ear infections are common in babies and young children. That it is a frequent reason for young children's visit to doctors comes as no consolation for the parents of babies tugging at their ears and crying ...

Timeline of the Sony Pictures Entertainment hack

10 hours ago

It's been four weeks since hackers calling themselves Guardians of Peace began their cyberterrorism campaign against Sony Pictures Entertainment. In that time thousands of executive emails and other documents ...

Two more former Sony workers sue over data breach

10 hours ago

Two more former employees of Sony Pictures Entertainment are suing the company over the massive data breach in which their personal and financial information was stolen and posted online.

Files of more than 40,000 federal workers breached (Update)

10 hours ago

The computer files of more than 40,000 federal workers may have been compromised by a cyberattack at federal contractor KeyPoint Government Solutions, the second breach this year at a major firm handling national security ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.