Spanish ‘Swine Flu’ Spam Link to Information Stealing Trojan
According to reports from security company SonicWall on May 1, 2009, e-mail talking about a vaccine to treat the 'swine influenza' is currently prowling on the Net. The e-mail highlights a link pointing to a Mexican website that contains a malicious code designed to capture information relating to online banking, the company said.
Moreover, the e-mail whose text is written in Spanish connects to a Trojan namely Qhost.NJI hosted on a website that looks legitimate, but has probably been hijacked.
The Qhost.NJI Trojan is a file with an .exe extension and coded in Visual Basic. Other features of the malware is that it modifies Windows computers' host file that makes the PC accessing some specific domains of Mexican banks to divert itself. However, the user remains unaware of this while the Trojan seizes any login details typed in by the user on the computer.
Meanwhile, security specialists at SonicWall are cautioning Internet users about a number of spam and e-mail scams pertaining to 'swine flu' that eventually try to install malicious code on their PCs to capture sensitive data. Accordingly, they are urging users to exercise utmost caution while opening e-mails that display subject lines on the 'swine influenza' together with links related to it.
Apart from SonicWall, other security agencies such as McAfee and Symantec are also alerting Internet users to exercise caution while opening e-mails that talk about 'swine flu.' Understandably, spammers started dispatching 'swine flu' e-mails soon after the media had reported the first instance of the illness. Those e-mails displayed catchy captions such as "US swine flu statistics" along with links that maliciously connected to bogus software or pharmacy sites.
Furthermore, reports suggest that most 'swine flu' spam mails originate from Brazil, implying that many spammers behind the 'swine flu' messages are located in Brazil.
Specialists from all security agencies say that phishers and spammers invariably exploit any current event discussed on the Net. These cyber miscreants always attack the innocent surfers seeking more news about the events on the Web as in the case of 'swine flu'; thus, bringing them in contact with malicious links, the experts warned.
Related article: Spamhaus’ List Of 10 Worst International Spammers
» SPAMfighter News - 13-05-2009