Swine Flu Breeds Online Malware Epidemic
As swine influenza, popularly known as swine flu, grips the world, a digital epidemic has been spawned that takes advantage of the recent interest in swine flu.
Cybercriminals are again taking advantage of a world-wide event to spread Trojans. This is not new and has been noticed during events ranging from the Katrina hurricane, Barack Obama’s election, and the recent Mumbai terror attacks.
Guillaume Lovet, senior manager, (Threat Response Team-EMFA) of security firm Fortinet Technologies said this time around cyber crooks are using social engineering tricks not only used in pure executable Trojan distribution campaigns (like "click me"), but also in Search Engine Optimization attacks; in those, cybercriminals register domains related to the news event, and "game" the search engines site-ranking algorithms to have their domains displayed among the first ones when users search for info on the event. Those domains may be loaded with browser exploits attempting to silently push trojans on the visitors systems, or may be pure opportunist sites, asking for donation or selling ‘advice’.
"In the swine flu specific case, we have also noted the distribution of malicious PDF files, which fits well with a persistent trend for over a year — cybercriminals "bet" on the fact that people, after being fed with so many "do not click on untrusted executable files" user education campaigns, will not be wary of documents (which are, by essence, not-executable)," said Lovet.
This has happened in the past, and will happen in the future — we must get used to the fact that all significant news events, including natural or health catastrophes, will spawn their lot of malware and profiteers. Fortunately, good practice (up-to-date antivirus definitions and patched software) makes you immune to a great part of those.
For instance, the swine flu malicious PDF mentioned above will be absolutely innocuous provided your PDF-reading software is up-to-date (Adobe did release a patch for the targeted flaw in March.)
- IBM, Fortinet Team Up On Cyber Threat Data sharing
- Skybox Finds Cryptomining Malware Now Dominates Threat landscape
- Indians Lack Awareness Of Malicious Cryptomining: Study
- Is the New URL File Outbreak a Ransomware Attempt?
- Nearly All Firms Are Unprepared For Next-gen Cyber-Attacks: Study
- What’s Driving The Shift To Cryptocurrency Mining Malware?
- Ransomware Against IoT, Mobile On The Rise: SonicWall
- Employee Training: A Security Priority For Financial CISOs
- Even Minor Glitches And Breaches Can Kill Brands
- Poor Cybersecurity Hygiene Leads To Greater Risks: Study