Storm chaos prompts virus surge
The Nation 20, Jan 07
The e-mails with the subject line “230 dead as storm batters Europe”, can leave computers vulnerable to attack. The messages were first detected as the storms, which have killed at least 28 people, continued to rage. Variants of the virus have circulated for a number of days, but experts say they were surprised at how quickly the new modified virus appeared.
“The spamming started when the storms were still raging.” Mr Hypponen believes the adaptation was designed to take advantage of the interest in the storms. Security firms advise computer users not to open e-mail attachments unless they are expecting them and to keep security software up to date.
Malicious coders often take advantage of celebrity names or large news events to spread viruses and worms. In 2005, an e-mail scam offering regular news updates following Hurricane Katrina spread a virus that allowed hackers to take control of a computer user’s files.
The new virus, called Small.DAM, was spread through emails with a variety of subject lines purporting to be news. Other variants included “British Muslims Genocide” and “U.S. Secretary of State Condoleezza.” The virus is installed when a user opens the e-mail and clicks on an attachment. The attachment could be called Video.exe, Read More.exe, Full Clip.exe or Full Story.exe.
“When you click on the attachment it installs a backdoor on the infected PC giving full access to the virus writer to do anything they want,,’ said Mr Hypponen. “What they typically do is search your hard drive for credit card numbers and e-mail addresses because they can resell both of those.”
The virus writers will then use the computer in a botnet – network of slave machines used to support all kinds of cyber crimes such as sending spam and phishing e-mails. Users would not be aware that their computer was infected, said Mr Hyponnen.
“How many people clicked on it? It could be thousands or tens of thousands,” said Mr Hypponen. F-secure has issued a security update for the virus and other security firms are doing the same.
Source: The Nation