Ebola virus being used as bait to spread malware: Symantec

As people have started to become more aware of common cyber attacks, cyber criminals are using new and innovative methods to compromise PCs. One of the recent evolution of attacks include infecting PCs with phishing emails that talk about the latest headlines. This time, it's about the Ebola virus epidemic that hit the news worldwide.

 

As with most phishing emails, the message body warns the user of a trending problem and unsuspecting users could open the email, click on the links or even share them with others. If PCs are not adequately protected, they can become victims to harmful malware.

 

What's scarier is that these emails seem like they come from a legitimate source, thus increasing the chances of your opening them. Symantec has revealed different kinds of email attacks that are taking rounds under the context of Ebola virus. Here's a look at four common Ebola virus emails you should be wary of.

 

1.  One of the most common attacks include emails with a fake report on Ebola virus. Opening the email would ask you to to click on a link to read more about the report, following which it infects your computer with the Trojan.Zbot malware. This malware runs on different versions of the Microsoft Windows operating system and is often used to steal information submitted through online forms such as usernames, passwords, banking details, etc.

 

2. In the second instance, cybercriminals send out an email that impersonates a major telecommunications services provider claiming to offer a detailed presentation on the Ebola virus. An attached zip file with a title such as 'EBOLA – PRESENTATION.pdf.zip' executes Trojan.Blueso on the victim's computer. This is a relatively low risk virus that sits dormant on your web browser. However, the attack doesn't stop there. The malware is crafted to inject W32.Spyrat into the victim’s web browser and allows attackers to control your PC remotely by logging what you type, record from the web camera, capture screenshots, open web pages, delete files and folders, download and upload files and even uninstall itself from your PC.

 

EbolaVirus email

 

3. The third campaign piggybacks on some fresh Ebola news. In the last two weeks there has been talk of Zmapp, a promising Ebola drug still in an experimental stage. An email claiming the Ebola virus has been cured insists that you should forward the message to your contacts. The email attachment is Backdoor.Breut malware. This type of malware records keystrokes and may download more corrupted files on to your PC.

 

4. Finally there's a fake CNN campaign with breaking Ebola news (with some terrorism thrown in). It gives a brief story outline and includes links to an "untold story". The email also includes a "How-to" link that explains what kind of precautions you can take and a list "targeted" regions.

 

Ebola virus scrae

 

It's not the first time we've witnessed attackers using top headlines as bait for exploiting PCs. In the recent past, cyber criminals have used news about Luis Suarez during the World Cupthe disappearance of the MH 370 Malasian Airlines and a fake online political campaign which targetted Arvind Kejriwal as bait to trick people into opening malicious emails.


Published Date: Aug 19, 2014 10:37 am | Updated Date: Aug 19, 2014 10:37 am