How does the new nine ball virus pose a threat to computer users?
A new spammed malware attack is impersonating messages from micro-blogging site Twitter. Researchers at Symantec say that the attack attempts to pose as an invitation for the target to join the Twitter site with the message ‘your friend has invited you to Twitter.’ The message also contains images from the Twitter logo and front pages. Rather than send the user to Twitter by way of a URL, however, the message asks the user to open an attachment under the name ‘InvitationCard.zip.’ Upon launching the attached file, the user is infected with a malicious worm that attempts to send out mass e-mail messages. Users are advised not to open the invitation attachments or any other unsolicited or suspicious email attachments. “As Twitter continues to gain popularity among social networking users, people are regularly receiving invitations and email updates from fellow users, ” wrote Symantec researcher Sammy Chu in a blog posting. “We expect that spammers will continue to use Twitter and other p
Nine Ball is a recent multi-layered Web browser attack that have already infected approximately 40,000 sites. Nine Ball targets legitimate websites to redirect users to malicious sites owned by the attacker and infects PCs through a number of exploits, including Adobe Reader and Quick Time, and then trying to download Trojans and keylogger code without the user’s consent or knowledge. Once infected, anything the victim types can be monitored and used to commit identity theft, such as credit card numbers, passwords and more. According to Websense, the compromised website, loaded with malware, will first try to identify a visitor by IP address to discover if it’s a repeat visitor. To evade security researchers and investigators who would likely be among any repeat visitors, the Web page will dump a repeat visitor onto Ask.com. If a web visitor is new, the victim is pushed through a few more re-directions to land at the site
