New Swine Flu Malware Detected as Agent-AVZQ
Cybercriminals have developed a new malware version themed on swine flu that is currently in circulation on the Internet, revealed security firm F-Secure.
This malware is reported to be a Trojan that contains keylogger and backdoor functionalities and appears as a Word document coming from the US Centre of Disease Control providing important details about swine flu.
The malicious file "Novel H1N1 Flu Situation Update.exe" is appearing with an icon which imparts it the look of a Word document. Users opening the file are offered a document. In the meantime, the malware causes all the damage to the system, as explained by F-Secure. The security firm detects the Trojan as Agent-AVZQ.
According to Mikko Hypponen of F-Secure, the word document file gets opened by the malware automatically, which makes user think that he has actually opened the file, reported Webuser on July 21, 2009.
Apart from this, spammers are also busy in cashing on the media hype created for the swine flu outbreak. They are promoting sites selling fake pharmaceutical products. Moreover, they are exploiting the latest news to spread malware.
Although spammers were very quick to abuse the interest of Internet users in swine flu, F-Secure stated that the news regarding the spread of H1N1 (swine flu virus) was exploited to a relatively lesser extent. F-Secure said in a blog that limited use of H1N1 themes has been recorded.
Meanwhile, Agent-AVZQ is reportedly the second incident of exploiting the swine flu news to circulate malware recorded by security researchers. It is noted that the first security warning regarding the abuse of swine flu was issued just few weeks back when a specially developed PDF file containing malware was detected. The file when opened propels some other file to drop in the Temp folder of the user's PC. It then links to three different IP addresses, apparently waiting for instructions to set free its malicious payload.
In recent times, several warnings regarding the safety of programs used for opening files have been issued. In wake of this, security researchers have suggested Internet users to avoid opening attachments offering information regarding swine flu or promoting fake pharmaceutical products.
Related article: New Zealand Releases Code To Reduce Spam
» SPAMfighter News - 11-08-2009