CNN.com Daily Top 10 – Virus
So today I get this email that appears to come from CNN.com and when I click on a link it takes me to a video player page that looks offical and says that it needs to download a plugin. Well that is a exe that comes with a virus, thankfully i opened this on my Macbook Pro and was uneffected by it. Looking at the address bar it links to ( hieber-ed.de ).
I posted this to serve as a reminder to always check who the email is from before clicking on the links included, even if they are from a reputable source.
A note from one of the users:
The subject lines of these e-mails vary, but some examples
include “CNN Top Ten”, “Beijing Olympic Videos”, and other
subject lines referencing the Olympics. The e-mail prompts readers to
update their “flash player” or software that will allow the viewing
of videos. Please delete these e-mails immediately and refrain from
clicking on anything that asks you to update “flash player” or any
other software. These malicious attempts can result in the download of
what is referred to as malware, which can shut down the functioning of
your computer.
UPDATE: Removal instructions if you are infected with the virus, click here.
Related Posts:
- CNN.com Daily Top 10 Removal Guide (Uninstall Instructions)
- PluggedIn Review
- Killacycle creator injured by his creation
- Sting Racing crashes into concrete wall
- Axion Racing’s bot collides into chase car at Urban Challenge
I too rec’d the CNN top ten list today. I clicked on a topic but didn’t download the flash player then deleted the email. Is it possible to get the virus by clicking on a topic but not downloading the viewer?
Susan, you should be fine as long as you did not run the down loadable exe, as an experiment i did download it on my windows computer and it did not come up as a virus. but if i executed it i would have most likely been infected.
The malicious page and file are hosted on different sites. Normal sites which have been hacked.
FYI, we announced on 8-6-08 to State managed users….
The Michigan Department of Information Technology (MDIT) has identified
a widespread virus attack on state computers being distributed through
e-mail. The subject lines of these e-mails vary, but some examples
include “CNN Top Ten”, “Beijing Olympic Videos”, and other
subject lines referencing the Olympics. The e-mail prompts readers to
update their “flash player” or software that will allow the viewing
of videos. Please delete these e-mails immediately and refrain from
clicking on anything that asks you to update “flash player” or any
other software. These malicious attempts can result in the download of
what is referred to as malware, which can shut down the functioning of
your computer and result in MDIT having to rebuild your desktop
computer.
MDIT has shut down the influx of these emails and will continue to work
around the clock to resolve the problem, but you can play a vital role
by deleting these e-mails. It’s possible that future e-mails
disguised with other subject lines could penetrate your e-mail and
should be deleted. If you are currently experiencing computer related
problems or believe you may have been infected, please contact the MDIT
Client Service Center in the Lansing
area.
No government data or citizen information has been compromised from
this virus attack.
[...] people who have received the CNN daily top ten email spam have unknowingly downloaded the trojan get_flash_update.exe file. If you are among these people, [...]