Sophos

30 October 2007

Stormy Halloween as hackers try to infect PCs with dancing skeleton

Cybercriminals tempt the unwary with macabre malware

IT security and control firm Sophos has warned that a cybercriminal gang is attempting to hijack the Halloween festivities to infect the PCs of innocent computer users.

Malicious spam emails sent across the internet direct internet users to a Halloween-themed website offering a download of a dancing skeleton game, but really designed to install a Trojan horse that gives hackers remote access to the PC. Emails containing the malicious links have a variety of subject lines including the following:

Happy Halloween
Dancing Bones
The most amazing dancing skeleton
Show this to the kids
Send this to your friends
Man this rocks

The emails link to a Halloween-themed website hosting malicious code.

"This is just the latest incarnation of the poisoned ecard attack (also known as Storm) which has dominated the malware scene for months. The gang responsible are experts at choosing topical disguises or crafting alluring emails that the unwary may find difficult to resist," said Graham Cluley, senior technology consultant. "What's even more frightening is that when innocent users click to see the skeleton dance, the site also plays The Vengaboys song 'Boom boom boom boom'. The good news is that advanced IT security defences are able to stop an attack like this dead in its tracks."

Unlike some other IT security vendors, Sophos did not have to issue an update to protect its users against the malware as Sophos's Behavioral Genotype® Protection technology was already able to proactively identify the script at the website as Troj/JSXor-Gen and the downloaded executable as Mal/Behav-146. Users of other vendors' products are recommended to update their protection and ensure that they are defended from the threat.

Sophos experts note that this is not the first time that the gang behind the current attack have used festivities to spread their malware. In July, the hackers sent round messages posing as American Independence Day greetings and distributed malicious "Happy Labor Day" messages in September.

Earlier this month, Sophos reported how spammers had distributed Halloween-related emails with the intention of gathering personal information from recipients.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
