North Dakota Parking ticket virus

Hobbies, Off Duty, Holidays anything like that!
User avatar
Executive Member
Executive Member
Posts: 268
Joined: Fri Mar 21, 2008 10:19 am
Class: 'Undead Hunter'
Alignment: 'Lightning'
Sacred: 'Priest'

North Dakota Parking ticket virus

Post by falkor » Sat Feb 07, 2009 6:21 pm

Hackers have discovered a new way of duping users onto fraudulent websites: fake parking tickets.
Cars in the US had traffic violation tickets placed on the windscreen, which then directed users to a website.
The website claimed to have photos of the alleged parking violation, but then tricks users into downloading a virus.

Anti-virus firm McAfee says the Vundo Trojan then gets users to install a fake anti-virus scanner.

Vehicles in Grand Forks, North Dakota were the targets for this new type of fraud. Image < website

Drivers found the following message on the yellow ticket on their windscreen: "PARKING VIOLATION This vehicle is in violation of standard parking regulations".

The ticket then instructed drivers to visit a website, where drivers could "view pictures with information about your parking preferences".
The website instructed users to download a tool bar containing a virus

According to internet security watchdog The SANS Institute, the website then had photos of cars in various car parks around Grand Forks and instructed users to download a tool bar to find photos of their own vehicle.

But the tool bar was actually an executable file which installed a Trojan virus that then displayed a fake security alert when the PC was rebooted. The fake alert then prompted the user to install fake anti-virus software.

Writing on the SANS blog, anti-virus analyst Lenny Zeltser ran through the different stages of infection.

"The initial program installed itself as a browser helper object (BHO) for Internet Explorer that downloaded a component from and attempted to trick the victim into installing a fake anti-virus scanner from bestantispyware and protectionsoft," he explained.

It is thought this is the first time fraudsters had used real world solutions to try and trick users, although Mr Zeltser warned that it would not be the last.

"Attackers continue to come up with creative ways of tricking potential victims into installing malicious software.

"Merging physical and virtual worlds via objects that point to websites is one way to do this. I imagine we'll be seeing such approaches more often."