Malware attack poses as camera phone footage of Virginia Tech tragedy

April 19, 2007 Sophos Press Release

IT security and control firm Sophos has warned individuals of a social engineering phishing campaign that attempts to capitalize on the tragedy at Virginia Tech. Spam messages teasing camera phone footage of the Virginia Tech shootings have begun flooding inboxes worldwide. These messages, however, are infected with malware and could pose major problems if clicked through.

SophosLabs™, the company's global network of high-security threat research centers, discovered the malicious spam yesterday through Sophos's advanced Behavioral Genotype® Protection capabilities. The link within the spam messages points viewers to a file entitled TERROR_EM_VIRGINIA.scr. If downloaded, the link installs a banking Trojan on the users computer system (detected as Mal/Packer by Sophos products) which can be used by cybercriminals to steal passwords, user names and account numbers.

The spammed emails claim to point to camera phone footage of the campus shootings
The spammed emails claim to point to camera phone footage of the campus shootings.

"It is extremely disturbing that cybercriminals have so quickly jumped to exploiting this horrible tragedy. Unfortunately, it's not that surprising," said Ron O'Brien, senior security analyst with Sophos. "We've seen similar behavior with other tragedies like Hurricane Katrina and the death of Pope John Paul II. Cybercriminals prey on the interest of concerned citizens hoping for the latest information on breaking news and, if history repeats itself, we'll see this campaign continue until interest fades."

To avoid falling victim to one of the schemes, Sophos encourages individuals to take extreme caution when downloading links from an unidentified source and to make informed decisions about where they gather information.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.