For the past week a massive attack has infected PCs by tricking users into clicking links in fake messages from CNN.com. The attack has shown little sign of ending soon. The links in the spam mails go to sites which tell you to download the Adobe Flash player to watch a movie. What actually happens when you run this file is that a trojan is installed on your computer. The trojan adds your computer to a worldwide Botnet.
The email itself looks like a completely normal message from CNN.com and some of the links in the email also go to CNN. Right now there is a similar attack in progress, although this time MSNBC.com (NBC’s and MSN’s news site) is used to mask the attack. Spam has flowed in since around 11am on Tuesday. The sites, which the spam messages link to, are most likely hijacked ones and the site owners are probably not yet aware that their sites contain malicious code.
Firefox and Internet Explorer 7 now include filters to block sites like these. However, it normally takes several days before a hijacked site has been reported to these filters. Until then, no warning will be displayed when surfing to these sites.