ESET Experts Warn Online Shoppers of Merond Worm
As per a warning issued by the Internet security firm ESET, Ireland has felt the presence of a new malicious worm which seems to capitalize on the seasonal goodwill to sneak into the users' systems.
The worm called Merond spreads through legitimate-looking forged e-mails. These phony e-mails are served along with different subject lines like "Your friend invited you to Twitter!", "You have received A Hallmark E-Card!", "You have received A Hallmark E-Card!", "Shipping update for your Amazon.com order", "Jessica would like to be your friend on hi5!", and "Your friend has sent you an ICQ Greeting Card!"
In order to encourage activation, Merond uses social engineering technique. The message is sent from a perceived trusted source like firstname.lastname@example.org or email@example.com.
It has been almost a year that Merond worm has made its presence felt, but in Ireland, it has recently become widespread. The e-mail that contains the worm is being distributed with an attachment. Now, this attachment is either a zipped file or a regular file, which seems to be .htm, .pdf, or a similar one. However, in actual terms, it is an .exe file which executes the malicious content when the recipient clicks on it.
The worm aspires to launch itself automatically every time the machine is booted. For the purpose, once Merond becomes active, its executable file is copied to the directory of Windows system, and then a link is added to its .exe file to the system registry.
Further, to be successfully disseminated by the Autorun technique of compromising the systems, this file replicates itself on to a detachable media like USB keys.
Meanwhile, users are recommended to timely update their anti-virus software, so as to ensure that it is capable enough to detect malicious infiltrations. Moreover, either it's a case of Facebook phishers or e-mail scammers, cyber assailants are casting a huge trap to attract online shoppers across the world.
According to a latest research by the Internet security firm Webroot, it has been found that 68% people have planned to purchase at least 50% of their presents online this shopping season. This leaves cyber crooks with a huge opportunity to target shoppers on Cyber Monday and throughout the entire holiday season.
» SPAMfighter News - 27-11-2009