Fabricated news of a supposed car accident involving Formula One star Fernando Alonso is being used to distribute a new banking Trojan.

The fake news story, supposedly from Spanish daily El Pais, has two-time motor racing champion seriously injured on Tuesday in an accident in the norther city of Bilbao. The bogus story, distributed via spam emails, links to a video clip depicting what appears to be a spectacular blaze. The clip installs malware onto the PC of those falling for the ruse.

The malware is identified by Spanish anti-virus firm Panda Security as Banker-LGC. "This is not the first time we have seen this piece of news used to spread malware though, as a few weeks ago we saw a very similar one, the major difference was that it was trying to install a Gaobot worm instead," notes Luis Corrons, technical director of PandaLabs.

Virus writers, who often latch onto real news events, also resort to making up fake news. At the start of the month one such attack claimed that the Third World War had begun in an attempt to spread another Trojan.

Planting key-stroke logging software onto compromised PCs sits alongside the use of phishing attacks as a means for hackers to gain access to online banking accounts. Traditionally phishing emails attempted to dupe prospective marks into visiting a website under the control of hackers and hand over account credentials.

Security defenders are getting better at identifying and shutting down (or at least blocking) URLs advertised in these messages, forcing fraudsters to switch tactics. A new run of scam emails, intercepted by security firm Trend Micro, attempts to trick users into emailing their login credentials to fraudsters posing as ISP system administrators. Variants of the attack targeting online banking login details can be expected to follow. ®

Related stories

• New e-crime units nabs nine banking Trojan suspects (9 April 2009)
• Security researchers lift the lid on Torpig banking Trojan (31 October 2008)
• Million dollar burnout features as malware lure (22 September 2008)
• Chinese earthquake hack scammer jailed (14 July 2008)
• Malware authors declare start of World War III (again) (12 July 2008)
• ToorCon ISP typo pimping exposes users to fraudulent web pages (20 April 2008)
• Ex-anti-virus chief in spyware scareware scam charges (4 March 2008)
• VXers push small coc Trojan on unwilling world (2 May 2007)
• Inboxes battered by Trojan spam deluge (19 January 2007)
• Trojan downloader uses Zidane lure (17 July 2006)
• Slobodan Trojan poses as murder pics (15 March 2006)
• Malware authors unleash bird flu-themed Trojan (27 October 2005)
• For ambulance-chasing bloggers, tragedy equals opportunity (8 July 2005)
• VXers release 'London bombing' Trojan (8 July 2005)