Sophos

30 October 2007

Stormy Halloween as hackers try to infect PCs with dancing skeleton

Cybercriminals tempt the unwary with macabre malware

IT security and control firm Sophos has warned that a cybercriminal gang is attempting to hijack the Halloween festivities to infect the PCs of innocent computer users.

Malicious spam emails sent across the internet direct internet users to a Halloween-themed website offering a download of a dancing skeleton game, but really designed to install a Trojan horse that gives hackers remote access to the PC. Emails containing the malicious links have a variety of subject lines including the following:

Happy Halloween
Dancing Bones
The most amazing dancing skeleton
Show this to the kids
Send this to your friends
Man this rocks

The emails link to a Halloween-themed website hosting malicious code.

"This is just the latest incarnation of the poisoned ecard attack (also known as Storm) which has dominated the malware scene for months. The gang responsible are experts at choosing topical disguises or crafting alluring emails that the unwary may find difficult to resist," said Graham Cluley, senior technology consultant. "What's even more frightening is that when innocent users click to see the skeleton dance, the site also plays The Vengaboys song 'Boom boom boom boom'. The good news is that advanced IT security defences are able to stop an attack like this dead in its tracks."

Unlike some other IT security vendors, Sophos did not have to issue an update to protect its users against the malware, as Sophos's Behavioral Genotype® Protection technology was already able to proactively identify the script at the website as Troj/JSXor-Gen and the downloaded executable as Mal/Behav-146. Users of other vendors' products are recommended to update their protection and ensure that they are defended from the threat.

Sophos experts note that this is not the first time that the gang behind the current attack have used festivities to spread their malware. In July, the hackers sent round messages posing as American Independence Day greetings and distributed malicious "Happy Labor Day" messages in September.

Earlier this month, Sophos reported how spammers had distributed Halloween-related emails with the intention of gathering personal information from recipients.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
