Fake BBC website serves malware and a scam

Online scammers and malware peddlers know that the more afraid and desperate their targets are, the more likely it is that they will fall for their tactics, so their repeated targeting of the unemployed masses shouldn’t come as a surprise to anybody.

Fake websites extolling the virtues and the money to be made by working from home are also nothing new, but this time, the crooks are being more than thorough.

GFI’s Chris Boyd has recently spotted a fake BBC page (at bbcmoneynews(dot)com) that supposedly shows users how to earn over $10,000 per month by working from home.

The victims that follow the link to the page are initially faced with the “Java plug-in required” and “Please wait page is loading-¦” signs (sounds familiar?):

While the exploit kit automatically tries to take advantage of vulnerabilities existing in the software used by the victims, the Java plug-in – actually a Trojan – must be explicitly downloaded by the users.

If successful, the exploit kit downloads and executes several pieces of malware, including the Zeus, Sirefef and Fareit Trojans.

After all this, the victims are finally faced with the scammy website with the bogus “work from home” offer.

“There are a number of different work from home URLs you can expect to be sent to and they all have comments closed (right after everybody said the work from home pack worked, which is of course handy for the site owner) while claiming that the ‘offer ends tomorrow’,” Boyd points out.

“This is a rather nasty pack of malware, and it’s quite possible we may see more of these work from home sites dabbling in exploits – not a comforting thought when you can open up any random forum/website and have a halfway decent chance of seeing a ‘work from home, earn big money’ advert.




Share this