$PARASITEID = '100953'; ?>
Spammers are now sending a newer version of the infamous "CNN.com" group of malspam email messages called "CNN Alerts: My Custom Alert".
We first posted a removal guide for the CNN.com Daily Top 10 message infection and now it seems the same string of malicious emails has changed slightly to the subject line "CNN Alerts: My Custom Alert". "Here we go again", this is probably what you will say to yourself if you encounter this new malspam message.
Malwaredatabase.net was one of the first websites to report about this issue and provide details which you'll be able to read further along this article. The new variation of malspam email utilizing the CNN theme seems to be a bit more deceiving than the previous "CNN.com Daily Top 10" malspam message. The "CNN Alerts: My Custom Alert" message actually routes to a legitimate CNN story from one of the many links embeded in the cnn image. The legitimate link that it points to is the "Chinese Islamic group threatens Olympics" story found on the real CNN.com site. Before you run off and tell your buddies that this email is OKAY, we noticed that another link within the email is malicious. Embedded within the image of the "CNN Alerts: My Custom Alert" message is a link to click for the FULL STORY and that was found to be a malicious link that points to biogazrhonealpes.org/cnnplus.html.
image source: malwaredatabase.net
Below is a list of other blogspot pages that may be used in conjunction with the "CNN Alerts: My Custom Alert" malspam message:
- informasya.blogspot.com/2008/07/cnn-alerts-my-custom-alert_20.html
- informasya.blogspot.com/2008/07/cnn-alerts-my-custom-alert-etc_21.html
- zujarcuevas.blogspot.com/2008/08/cnn-alerts-my-custom-alert.html
- bastien12.blogspot.com/2008/08/cnn-alerts-my-custom-alert.html
- rjbblog040405.blogspot.com/2008/08/cnn-alerts-my-custom-alert.html
- cnga-ca.blogspot.com/2008/08/cnn-alerts-my-custom-alert.html
Important Update: New variants of the "CNN Alerts: My Custom Alert" malspam messages:
It was brought to our attention from several sources that new variants of the "CNN Alerts: My Custom Alert" malspam messages have both malicious links as well as legitimate CNN.com links. Obviously, in an effort by the spammers, they are making these emails appear to be "real". Now with the new malspam messages having links to real CNN.com pages it is better hidden and can be passed off onto computer users making them think they just received a legitimate email message. The odds are still against many computer users because as shown in the image below, the message still has a malicious link within the body of the email.
Security notice: Do not attempt to visit the malicious site links listed above. They are only used as a reference for the discovered malicious links. You may risk the installation of rogue anti-spyware programs or other infectious files.
Other reports online about this new version of malspam emails using a CNN cover-up will say that the campaign has passed over to blogspot web pages. Other links were found to be related as the hackers may be using multiple sources for spreading malware onto computer users via the "CNN Alerts: My Custom Alert" malspam message.
CNN is not affiliated with this threat. It doesn't operate the websites in question and the messages are being sent from randomized email accounts.