Security news
Security news19 April 2007
Malware attack poses as camera phone footage of Virginia Tech tragedy Cybercriminals look to capitalize on headline news about shootings
IT security and control firm Sophos has warned individuals of a social engineering phishing campaign that attempts to capitalize on the tragedy at Virginia Tech. Spam messages teasing camera phone footage of the Virginia Tech shootings have begun flooding inboxes worldwide. These messages, however, are infected with malware and could pose major problems if clicked through.
SophosLabs™, the company’s global network of high-security threat research centers, discovered the malicious spam yesterday through Sophos's advanced Behavioral Genotype® Protection capabilities. The link within the spam messages points viewers to a file entitled TERROR_EM_VIRGINIA.scr. If downloaded, the link installs a banking Trojan on the users computer system (detected as Mal/Packer by Sophos products) which can be used by cybercriminals to steal passwords, user names and account numbers.
The spammed emails claim to point to camera phone footage of the campus shootings.
"It is extremely disturbing that cybercriminals have so quickly jumped to exploiting this horrible tragedy. Unfortunately, it’s not that surprising," said Ron O'Brien, senior security analyst with Sophos. "We’ve seen similar behavior with other tragedies like Hurricane Katrina and the death of Pope John Paul II. Cybercriminals prey on the interest of concerned citizens hoping for the latest information on breaking news and, if history repeats itself, we’ll see this campaign continue until interest fades."
To avoid falling victim to one of the schemes, Sophos encourages individuals to take extreme caution when downloading links from an unidentified source and to make informed decisions about where they gather information.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
