Spammers Distribute Malicious Software through Heartbleed-Themed Messages

Symantec is warning of Heartbleed virus, which has not only cracked cyber security as well as become widely known among Internauts all over the globe, but that distributors of malicious software are exploiting the development by offering one fake tool that will supposedly remove the virus.

The security company's researchers state that spam mails related to the virus are circulating that caution Web-surfers that even though they may've altered their passwords used for specific sites, the Heartbleed virus can still contaminate their PCs. The message continues that end-users should execute the "Heartbleed Virus Removal Tool" provided in the attachment to the electronic mail, so their PCs become free from the contamination.

The above social engineering tactic especially misleads Internauts who mayn't be sufficiently tech savvy towards perceiving that Heartbleed isn't really any malicious program and that it wouldn't cause infection to a PC. The spam mails employ scare and social tricks towards enticing recipients so they would view the given attachment.

A particular alert indication, which should make readers suspicious, is the header that reads "Looking for Investment Opportunities from Syria" that has little relation with the e-mail's text.

Meanwhile, to appear credible, the spam mails pose as being sent from certain renowned firm dedicated to password management. There are all the details in the e-mails regarding the way for using the virus eliminating program as also what should be done incase an AV program stops it. Further, the attachment contains one .docx file that would likely appear less dangerous compared to any executable file. But, on opening this .docx file, a zip file emerges which when unzipped, presents the malevolent heartbleedbugremovaltool.exe executable.

Now, users who get so duped that they execute the program would actually download one keystroke logging software, which would take screenshots, record keystrokes related to card details, passwords and everything that's routinely typed in followed with transmitting all the info onto one freely-available e-mail provider.

Symantec advises end-users to treat e-mails with suspicion if they ask for personal information or e-mails which direct for opening given attachments and running their included software. They must also eschew following web-links within dubious e-mails.

» SPAMfighter News - 6/12/2014