NFL Season Kicks Off… With a New Virus

The NFL season just began, and the virus writers are already hard at work trying to turn it to their advantage. This weekend, Commtouch labs identified an outbreak of NFL-related spam messages with links to a malware site. The content of the messages varied along this theme: “Football is back, Life may resume again! Never miss a game again, and know all the stats….” The website hyperlinks within the messages used varying IP addresses; Commtouch measured dozens of different sites (in the format of IP addresses) during a single hour of the attack. The website itself looks like an official NFL site, complete with NFL logo, and it contains links to a “Free NFL Game Tracker” and additional links to order tickets to various games. However all the links on the page lead to a file called “tracker.exe,” a malware exploit.

Unlike the recent YouTube scam, where users were infected simply by visiting the malware site in a “drive-by,” in this case the virus writers are not trying to hide the fact that a download is necessary; they are pitching their wares as a download that users will find useful, an NFL game tracker.