IT security and control firm Sophos has warned that a cybercriminal gang is attempting to hijack the Halloween festivities to infect the PCs of innocent computer users.
Malicious spam emails sent across the internet direct internet users to a Halloween-themed website offering a download of a dancing skeleton game, but really designed to install a Trojan horse that gives hackers remote access to the PC. Emails containing the malicious links have a variety of subject lines including the following:
Happy Halloween
Dancing Bones
The most amazing dancing skeleton
Show this to the kids
Send this to your friends
Man this rocks
The emails link to a Halloween-themed website
hosting malicious code.
"This is just the latest incarnation of the poisoned ecard attack (also known as Storm) which has dominated the malware scene for months. The gang responsible are experts at choosing topical disguises or crafting alluring emails that the unwary may find difficult to resist," said Graham Cluley, senior technology of consultant. "What's even more frightening is that when innocent users click to see the skeleton dance, the site also plays The Vengaboys song 'Boom boom boom boom'. The good news is that advanced IT security defences are able to stop an attack like this dead in its tracks."
Unlike some other IT security vendors Sophos did not have to issue an update to protect its users against the malware as Sophos's Behavioral Genotype® Protection technology was already able to proactively identify the script at the website as Troj/JSXor-Gen and the downloaded executable as Mal/Behav-146. Users of other vendors' products are recommended to update their protection and ensure that they are defended from the threat.
Sophos experts note that this is not the first time that the gang behind the current attack have used festivities to spread their malware. In July, the hackers sent round messages posing as American Independence Day greetings and distributed malicious "Happy Labor Day" messages in September.
Earlier this month, Sophos reported how spammers had distributed Halloween-related emails with the intention of gathering personal information from recipients.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.