The Secret Plan To Kill Internet

July 16, 2008

For some time now, articles summing up rumors about the predicted death of the Internet as we know it, by 2012,
and claiming that ISP’s have come to an agreement to restrict Internet use by turning it into a pay to view subscription model,
have been circulating on the Internet.
These articles, claiming users would be able to visit only selected corporate websites, was in some cases accompanied by a YouTube clip,  and stating that Time Magazine writer “Dylan Pattyn” has confirmed the information and is about to release an article on the issue.

These stories are now followed by a new spam, tricking users to download an attachment which supposedly has documented information regarding the doomed future of Internet.

The file “doc.pdf” is actually a variant of PIDIEF Trojan, more specifically TROJ_PIDIEF.JT.

If the file is opened, it tries to exploit an Adobe/Acrobat Vulnerability, and if it succeeds then attempts to contact an FTP site so it can download more malware to the infected computer.

If you see an email with subjects like the following lines:

Secret Plan To Kill Internet By 2012: Leaked?

PLAN TO KILL THE INTERNET BY 2012- Documented

2012: The year the Internet as we know it dies…

or anything with similar context, do not open the email, delete it.

Source: Death of the Internet Foretold by TrendLabs malware blog.

altiparmaks@gmail.com

Leave a Comment » | Malware, security | Tagged: , , | Permalink
Posted by snowhite14

Chunkylover53 is away.. and Homer is back with a botnet

July 14, 2008

A malware spreading through AIM network using as screen name “Chunkylover53″, which was the username registered by one of the writers of “The Simpsons” episodes, is infecting Simpsons fans.. In one of the old episodes “Chunkylover53@aol.com” was Homer’s e-mail address, many of the fans added the username to their AIM contact lists. The writer who registered this account also was answering e-mails from fans.. Now, after long inactivity “Homer” is back with an away message linking to the “new internet-only exclusive Simpson’s episode”, yeah right.. The so called “new episode” is actually a file called Kimya.exe detected as a trojan. Running it will set you up with a couple of uninvited guests, a rootkit, some files related to a new Chinese infection, your PC will fall victim to a botnet of Turkish origin.

The “Homer” person spreading this infection, has already changed the away message a couple of times. The last message also advertises a link to a dating website, just in case you want to get laid..

There is an interesting write up with more detailed info at FaceTime Security Labs Blog

altiparmaks@gmail.com

1 Comment | Botnet, Instant Messaging, Malware | Tagged: , , , , , | Permalink
Posted by snowhite14