E-greeting Malware Explode into Users’ Inboxes

Security software developer, PC Tools, notes that friends, family members and co-workers are not the only people sending e-greetings. Even cyber thieves find them popular in their own malicious way.

Computer malware is being distributed in large quantities via e-mail in the guise of electronic greeting cards, according to a striking new research from PC Tools.

The Computer Crime Unit of the Metropolitan Police reports that hackers often make these knave e-cards their medium to access others' computers or hunt e-mail Ids where they can send spam messages. The Metropolitan Police made its comments based on the research from PC Tools.

Experts at PC Tools have recognized the malware bursting into consumer inboxes as yet another Storm Worm variant. The Storm Trojan is an aggressive breed of malware that mutates and is dubbed as 'Malware 2.0'.

According to the security software developer, these e-card attacks are crafted to thwart popular anti-virus programs when it finds them starting, making sure there is a persistent bot-infected system as soon as the malicious code is installed and the system reboots. The attacks also expose the computer system to potential remote and backdoor exploits. This implies that the entire data stored on the system is put to danger.

These latest assaults demonstrate typical social engineering tactics that tell recipients that they have got e-mail from a loved-one, friend or colleague. The spam mail then lures the user to click an embedded link to see the card. Soon after the click, a surge of malware is released leading the user victim to a malicious Web page that infects the computer, said PC Tools Chief Threat Officer Kurt Baumgartner. Source Wire published Baumgartner's statement on August 10, 2007.

The company suspects the writers of this malware are located in Ukraine or Russia. They use extremely sophisticated attacks with advanced techniques to pursue and remain on victims' computers, Baumgartner added.

Baumgartner questioned how signature-based solutions alone could detect ever-new exploits with innumerable malware threats finding release in quick successions. So Baumgartner thinks only automated computer systems could fight these next-generation malware, as human hands is far less than enough.

Related article: E-Crime Reporting Format To Be Launched in July

» SPAMfighter News - 8/27/2007