Swine Flu Breeds Online Malware Epidemic

by CXOtoday Staff    May 06, 2009

As swine influenza, popularly known as swine flu, grips the world, a digital epidemic has been spawned that takes advantage of the recent interest in swine flu.

Cybercriminals are again taking advantage of a worldwide event to spread Trojans. This is not new: it has been seen during events such as the Katrina hurricane, Barack Obama’s election, and the recent Mumbai terror attacks.

Guillaume Lovet, senior manager (Threat Response Team-EMEA) of security firm Fortinet Technologies, said that this time around cyber crooks are using social engineering tricks not only in pure executable Trojan distribution campaigns (like "click me") but also in Search Engine Optimization attacks. In those, cybercriminals register domains related to the news event and "game" the search engines' site-ranking algorithms so that their domains are displayed among the first results when users search for information on the event. Those domains may be loaded with browser exploits that attempt to silently push Trojans onto visitors' systems, or may be purely opportunistic sites asking for donations or selling ‘advice’.

"In the swine flu specific case, we have also noted the distribution of malicious PDF files, which fits well with a persistent trend for over a year — cybercriminals "bet" on the fact that people, after being fed with so many "do not click on untrusted executable files" user education campaigns, will not be wary of documents (which are, by essence, not-executable)," said Lovet.

This has happened in the past and will happen in the future. We must get used to the fact that all significant news events, including natural or health catastrophes, will spawn their share of malware and profiteers. Fortunately, good practice (up-to-date antivirus definitions and patched software) makes you immune to a great part of those.

For instance, the swine flu malicious PDF mentioned above will be absolutely innocuous provided your PDF-reading software is up to date (Adobe released a patch for the targeted flaw in March).