Huge H1N1 Malware Campaign
Security researchers reported a huge spam campaign early this December, with messages appearing to come from the Centers for Disease Control (CDC) and asking people to register for H1N1 vaccinations.
The e-mail messages redirect victims to a fake CDC site that urges them to create a profile in order to receive a swine flu vaccination. The fake site advises users to download a vaccination profile archive and provides the link for that download. Because H1N1 is known for its aggressive spread and lack of vaccine, people grab the mistaken opportunity and download from the link, which delivers a new variant of the Zbot Trojan horse. Security companies call it “Zeus”. It is a bot malware that hijacks your Windows PC to send more spam and carry out other nefarious activities.
An enormous number of messages hit users’ filters during the day the bogus CDC messages started arriving in inboxes, with subject lines like “State Vaccination H1N1 Program,” “Governmental registration program on the H1N1 vaccination” and “Create your personal Vaccination Profile.”
According to AppRiver, a Florida-based provider of email and web security solutions to businesses, the spam campaign averaged about 18,000 messages per minute, or about 1.1 million per hour. It is considered the biggest malware-oriented run currently reaching AppRiver’s customers and the biggest virus/phishing campaign right now. Because of the high volume, AppRiver had to block approximately 13 million messages during that time. At first, 37 of AppRiver’s 41 anti-virus detection engines did not detect the Zbot Trojan; it was later recognized by 21 of its detection engines.
The malware author also prepared a backup attack plan for people who are too cautious to click the link. The fake CDC site has an iframe, an invisible element on the page, which contains attack code exploiting vulnerabilities in Adobe software such as Adobe Reader and Flash Player. Attackers, frustrated at being unable to exploit Windows, target Adobe’s applications instead. The most recent Adobe Reader update patched 29 vulnerabilities in the PDF viewer. That update, released last October, plugged a hole already being used by hackers.
Zbot operates as what security parlance calls a “botnet”, a collection of compromised computers, and it is the main active one. When it comes to malicious activity, Zbot has been at the top for months. It was used by a British couple who were then arrested for stealing online banking account usernames and passwords. According to McAfee, a security company that rivals AppRiver, the servers hosting the fake CDC site can be found in Argentina, Chile, Colombia, Brazil, India and Malaysia.
How Can Techie Now Help?
Even H1N1 vaccinations are being used by attackers to victimize innocent people whose only concern is to protect themselves from the disease. This calls our computer security into question. If you feel that your PC is not protected from online attacks, contact Techie Now for PC support services such as virus and spyware removal, performance optimization, installation and configuration, and general repair. Techie Now is what you need for your PC needs.