Security news19 April 2007
Malware attack poses as camera phone footage of Virginia Tech tragedy Cybercriminals look to capitalize on headline news about shootings
IT security and control firm Sophos has warned individuals of a social engineering phishing campaign that attempts to capitalize on the tragedy at Virginia Tech. Spam messages teasing camera phone footage of the Virginia Tech shootings have begun flooding inboxes worldwide. These messages, however, are infected with malware and could pose major problems if clicked through.
SophosLabs™, the company’s global network of high-security threat research centers, discovered the malicious spam yesterday through Sophos's advanced Behavioral Genotype® Protection capabilities. The link within the spam messages points viewers to a file entitled TERROR_EM_VIRGINIA.scr. If downloaded, the link installs a banking Trojan on the users computer system (detected as Mal/Packer by Sophos products) which can be used by cybercriminals to steal passwords, user names and account numbers.
The spammed emails claim to point to camera phone footage of the campus shootings.
"It is extremely disturbing that cybercriminals have so quickly jumped to exploiting this horrible tragedy. Unfortunately, it’s not that surprising," said Ron O'Brien, senior security analyst with Sophos. "We’ve seen similar behavior with other tragedies like Hurricane Katrina and the death of Pope John Paul II. Cybercriminals prey on the interest of concerned citizens hoping for the latest information on breaking news and, if history repeats itself, we’ll see this campaign continue until interest fades."
To avoid falling victim to one of the schemes, Sophos encourages individuals to take extreme caution when downloading links from an unidentified source and to make informed decisions about where they gather information.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
