Bogus London 2012 Olympics Scandal Leads to Malware

 Analysis by: Jona Ross Pereira

Cybercriminals are known to take advantage of sporting events like the London Olympics 2012 for their malicious activities. Some of the attacks that leveraged this event include fake live streaming websites, fraudulent sites that sell bogus tickets, and a malicious Olympics-related app hosted in a fake Google Play store.

Trend Micro researchers also spotted spammed messages that supposedly contain news of a scandal involving the USA Women’s Gymnastics winner. This is used as bait to lure users into clicking the malicious URL. Once unsuspecting users click the link, they are redirected to a fake YouTube website that requires them to download the latest version of Adobe Flash Player to view the supposed video.

The spammed messages contain different compromised URLs that lead to the download of the file adobe-flashplayer-update.exe, which Trend Micro detects as TROJ_DROPPR.HR. Trend Micro protects users from this spam run via its Smart Protection Network, which detects the malicious file and the spam.

 SPAM BLOCKING DATE / TIME: August 04, 2012 GMT-8
 TMASE INFO
  • ENGINE:6.8
  • PATTERN:9086