Virus experts at Sophos have discovered a mass-mailing worm that
poses as a plea for donations to help with the Indian Ocean tsunami
disaster.
The W32/VBSun-A
worm spreads via email, tempting innocent users into clicking onto
its malicious attachment by pretending to be information about how
to donate to a tsunami relief effort. However, running the attached
file will not only forward the virus to other internet users but
can also initiate a denial-of-service attack against a German
hacking website.
|
| The email sent by the VBSun-A worm. |
Emails sent by the worm have the following characteristics:
Subject line:
Tsunami Donation! Please help!
Message text:
Please help us with your donation and view the attachment
below! We need you!
Attachment name:
tsunami.exe
"Duping innocent users into believing that they may be helping
the tsunami disaster aid efforts shows hackers stooping to a new
low," said Graham
Cluley, senior technology consultant at Sophos. "This gruesome
insensitivity is a despicable ploy to get curious computer users to
run malicious code on their computers. Everyone should be wary of
unsolicited email attachments, and visit the established charity websites instead if they wish to
assist those suffering as a result of the disaster."
W32/VBSun-A is not the first virus to try and take advantage of
the tsunami disaster in an attempt to spread. The VBS/Geven-B worm tried to
spread a sick message earlier this month that the tsunami was God's
revenge on "people who did bad on earth". There have also been a
number of email scams
distributed by criminals posing as victims in an attempt to steal
money.
Although there have only been a small number of reports of the
W32/VBSun-A worm, Sophos recommends computer users ensure their
anti-virus software is up-to-date, and that companies protect
themselves with a consolidated solution
which can defend them from the threats of both spam and
viruses.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.