Page last updated at 13:51 GMT, Thursday, 5 February 2009

Parking ticket leads to a virus

Hackers website
Hackers are finding new ways of tricking potential victims

Hackers have discovered a new way of duping users onto fraudulent websites: fake parking tickets.

Cars in the US had traffic violation tickets placed on the windscreen, which then directed users to a website.

The website claimed to have photos of the alleged parking violation, but then tricks users into downloading a virus.

Anti-virus firm McAfee says the Vundo Trojan then gets users to install a fake anti-virus scanner.

Vehicles in Grand Forks, North Dakota, were the targets for this new type of fraud.

Drivers found the following message on the yellow ticket on their windscreen: "PARKING VIOLATION This vehicle is in violation of standard parking regulations".

The ticket then instructed drivers to visit a website, where drivers could "view pictures with information about your parking preferences".

Hackers website
The website instructed users to download a tool bar containing a virus

According to internet security watchdog The SANS Institute, the website then had photos of cars in various car parks around Grand Forks and instructed users to download a tool bar to find photos of their own vehicle.

But the tool bar was actually an executable file which installed a Trojan virus that then displayed a fake security alert when the PC was rebooted. The fake alert then prompted the user to install fake anti-virus software.

Writing on the SANS blog, anti-virus analyst Lenny Zeltser ran through the different stages of infection.

"The initial program installed itself as a browser helper object (BHO) for Internet Explorer that downloaded a component from and attempted to trick the victim into installing a fake anti-virus scanner from bestantispyware and protectionsoft," he explained.

It is thought this is the first time fraudsters had used real world solutions to try and trick users, although Mr Zeltser warned that it would not be the last.

"Attackers continue to come up with creative ways of tricking potential victims into installing malicious software.

"Merging physical and virtual worlds via objects that point to websites is one way to do this. I imagine we'll be seeing such approaches more often."

Print Sponsor

Cybercrime threat rising sharply
31 Jan 09 |  Davos 2009
Clock ticking on worm attack code
20 Jan 09 |  Technology
Computer virus hits navy e-mails
15 Jan 09 |  Hampshire
Computer viruses make it to orbit
27 Aug 08 |  Technology

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific