Swine flu malware outbreak - quick survival guide

By Victor Ng | May 5, 2009

Cybercriminals are again taking advantage of a worldwide news event to seed their Trojans. This time, they are cashing in on the worldwide hysteria over swine flu by offering bogus swine flu survival guides, fake drugs or collecting “donations” to peddle malware and steal credit card details.

“This has happened with every single major news piece since at least 2005, ranging from the Katrina hurricane to Barack Obama's election and, of course, the bird flu alerts of 2006,” noted Guillaume Lovet, senior manager of the EMEA Threat Response Team at Fortinet Technologies.

The threats
Romana Ward of SophosLabs discovered swine flu comment spam messages urging members of a Russian pharmaceutical network to sell a cure for the disease. The network sells legitimate generic drugs. The message urges affiliates to add Oseltamivir, a generic form of Tamiflu, to their store catalog.

A similar campaign was waged during the bird flu outbreak, Ward said.

One of the more serious spam messages contains a malicious PDF file that purports to provide information about the swine flu. When a user opens the “Swine influenza frequently asked questions.pdf” file, malcode within the PDF tries to drop another piece of malware -- Infostealer or Trojan.Bloodhound.6 -- onto the user’s system.

If a victim opens the file, their machine is immediately infected with a Trojan, which tries to steal sensitive data, said Kevin Haley, director of security response at Symantec.

This social engineering trick is not only used in pure executable Trojan distribution campaigns (a la "click me"), but also in Search Engine Optimization (SEO) attacks, said Fortinet’s Lovet.

In SEO attacks, cybercriminals register domains related to the news event, and ‘game’ the search engines’ site-ranking algorithms to have their domains displayed among the top items when users search for information on the event.
