Virus hooks onto CNN headlines

E-mails laden with the virus, dubbed "Crowt.A" by Sophos, do not have a typical subject line and other characteristics, Sophos said. Instead, the virus sends out e-mail messages with subject lines, message content and attachment names drawn from the latest news headlines on CNN's Web site, which it gathers as it spreads. Very few Sophos customers have reported that they been affected by Crowt.A so far, the company said.

"Virus writers are always looking for new tricks to entice innocent computer users into running their malicious code. This latest ploy feeds on people's desire for the latest news," Carole Theriault, a security consultant at Sophos, said in a statement.

If a news-hungry PC user opens an infected e-mail attachment, the virus will install a program to allow remote intruders to rummage through the victim's PC and grab sensitive information. A program that records information entered into the infected computer, known as a keylogger, could also snare a victim's log-in information, Sophos said in its description of the virus, which it is referring to as a worm.

Other computer viruses have incorporated real-time elements in a similar manner to spread faster. The Santy worm, for example, used a real-time search of Google to find vulnerable computers.

The last time attackers targeted CNN was in 2000, when the Time Warner company fell prey -- with other online sites -- to a series of denial-of-service attacks.

• Related stories

• Alerts

Add your opinion

What platforms are at risk? Wh ...Anonymous -- 21/01/05

What platforms are at risk? Which OS and browser does it attack?

• Reply to comment
• Reply to story
• Report offensive content

Keyloggers are legitimate soft ...Anonymous -- 24/01/05

Keyloggers are legitimate software? Here is an example:

While some anti-virus companies scan for keyloggers, some are not able to find them, and as yet they are not banned by current legislation. DCITA is drafting new legislation now, while Australian Police already use them with a search warrant. Some anti-virus companies hide behind potential legal litigation from companies creating legitimate software. It does not make sense.

Spyware Name: 'Spy My PC' (Pro)

Type: System Monitor downloaded without my express consent in small business company network

Developer: http://www.benutec.com/

Purported Use (from their website): employee monitoring -

Note: software code can be hacked and then shared on internet with expressive purpose of key-logging via trojan or simple javascript hidden in cookies, links, images and preview panes of email - there is not necessarily a need to 'click' on anything.

How Discovered:

• Webroot Spysweeper detected exact during daily scan on company laptop;
• Spybot Search&Destroy (latest version) failed to detect it
• Lavasoft Ad-Aware SE Plus failed to detect
• SOPHOS also failed to detect this or even scan for it

Highlights:

• There are many differences in anti-virus and anti-spyware definition lists
• some anti-virus firms are not distinguishing any difference between a virus and a monitor - they release virus definitions, without re-branding the definition as spyware, to save their market share after advising consumers, who have paid for products at the shopfront, AV protects them completely
• lack of national and international nomenclature standard – same as for virus naming
• abilities of spyware writers to use software modules may also lead to false names being applied to legitimate system monitors or small variations being applied
• spyware writers are now effectively hiding system monitors within Trojan variations
• major deficiencies in ‘100% safe’ claims from anti-virus companies, adding to confusion on subject of anti-spyware

Webroot Description:

SpyMyPC PRO is award-winning, highly flexible, all-round desktop security monitoring solution, the best choice if you want to know what others are doing on your own computer. Spy My PC PRO Logs all keystrokes, applications, windows, websites, Internet connections, p****words and chats.”

Additional Example Loading from Game:

Note: The following is a blog from a gamer who was protected by Webroot SpySweeper

http://absolutist.com/games.html - Axy Snake game downloaded with System Monitor attached –

I wanted to let you know what happened to me at this site. I downloaded the Axy Snake game [trial version] last night. OH, Its a fun game alright...but when I ran Spysweeper..
it put up I had[ AxySnake Spy My PC Pro]..
all in the same box and was considered spyware.!!!
I cant beleive they would do this...Spy My PC is a download you can buy to watch every move that happens in YOUR pc. Any one here think I need to do system restore? I AM SO UPSET THAT THEY CAN NOW SEE AND KNOW EVERY KEY STROKE AND ALL MY PERSONAL STUFF.!! Any advice?..Apparently you get that Spy tool installed along with the game.
Isnt this the lowest thing you can

Is e-commerce safe now?

Further Reference Information on Keylogging: http://www.netadmintools.com/part215.html

• Reply to comment
• Reply to story
• Report offensive content

Seriously though, a few guys g ...Anonymous -- 24/01/05

Seriously though, a few guys got together one day, and realized they could use everyone elses computing power to look for aliens - it was a good cause, the software was not downloaded without prior consent, and they even told you what it would do while you were asleep. See SETI.

Another couple of guys with absolutely no ethics in regards to ‘privacy’ had a similar idea - except they just wanted to use that extra power to advertise things you need back at you.

You might wonder how they know what to send you? You might also wonder if you are paying for the privilege - well your cpu is, and your download monitor knows that 50% of your downloads over the internet are adds now

Of course everybody in the world can afford unlimited broadband! Well maybe they could if the www infrastructure could support it - more people online, better technology, cheaper for everyone right?

It seems criminals have some how realized, governments have not legislated against any of this, and key loggers are actually legitimate.

If you are like me, still waiting for 5cent phone calls, don’t hold your breath. Arthur C Clarke got that one wrong. At least we may be able to move to Titan to escape one day in the future.

The best database search engine was, if I am not mistaken, invented by a librarian, and existed long before your own personal super cool Google search engine. They still use it today apparantly, but I have not been to a library for a while to smell a few old books.

If you disagree with me, try Tim Berners-Lee’s thinking out for size - he wanted to redesign the www accordingly several years ago to add ‘categories’ like a library catalogue. WHat is the semantic web anyway?

Anyway, I can now find a suitable keylogger to build into a trojan virus that drops like a cookie into your system for safe keeping. Why bother, when stolen credit cards or even the software to make fakes are just as easily googled.

What would we do without Google?

• Reply to comment
• Reply to story
• Report offensive content

• Just In

• Most Popular

• Most Discussed

Reader Services

Popular Topics

Essentials