Malware Distributors Using Geotargeting

One of the latest attempts to encourage Web surfers to download malware involves geotargeting, that is determining the location related to the IP address. The scheme involves and e-mail telling the recipient of a “dirty bomb” blast that occurred in a nearby town. The user is requested to get more information a (fake) Reuters site, one that determines the user’s location to put up a convincing looking “local story” on the blast. The (fake) site requires a download of a (fake) new Adobe Flash player to view a video of the event. The download installs a variant of the Waledac worm.

Remember, technology can be used for good or evil. (Look for a podcast next week on the use of geotargeting via IP used for good!)

The Register via @mpdaly