Listen Up, Sudoko Fans: Cyber Criminals Count on Sudoku to Infect Victim PCs
William Eazel writes on SC Magazine Online:
Security experts yesterday warned that a growing number of maliciously coded web pages are downloading spyware programs onto computers without the consent of the sites' visitors.More here.
These web pages are designed by cyber criminals to exploit different software vulnerabilities to automatically install malware on systems, Panda Software warned. The majority of the websites try to tempt users by offering pornographic or illegal content, but some "particularly dangerous" new sites have begun offering sudoku puzzles as a social engineering hook to attract unwitting victims.
Typically the application operates perfectly, allowing users to play the sudoku game. However, without the users knowledge, it downloads a spyware, YazzleSudoku, every time the user opens the application. Once YazzleSudoku is installed on a computer, it creates several Windows registry entries to ensure that it remains active. Similarly, it generates a series of files it needs to operate, with names such as RL_SudokuInstaller.rar.lnk, or Yazzle Sudoku. Then, YazzleSudoku displays advertising messages on the screens of compromised computers.
It is important to note that when starting to play the game, users are warned that spyware will be installed. If the user agrees, the spyware will be installed on the computer. However, if users do not agree, they will not be able to use the sudoku program.
0 Comments:
Post a Comment
<< Home