Ebola email viruses go viral with 'healthtips' from hackers
Emails have been sent purporting to come from the World Health
Organization (WHO) or the Mexican government, prompting users to
open an attachment for important information on Ebola in order to
install malware on their computers.
Cyber-security specialists at Trustwave’s SpiderLabs published details of the scam on their blog.
The scam aims to install DarkComet Remote Access Trojan (RAT) on victims’ computers, a malicious program which cannot be detected by antivirus software. Once installed, RAT gives cybercriminals remote access to infected devices including webcams, passwords, and keystrokes and other sensitive information.
Emails with subject lines like ‘So Really, How Do You Get Ebola?’, ‘Ebola, GMO, What They Don’t Want You To Know’ and ‘The #1 Food Items You’ll Need in An EBOLA Crisis’, con Ebola-fearing victims into installing the attached malware, according to Trustwave.
Currently, the experts at Trustwave believe that this is a “low volume campaign,” a non-targeted operation in which hackers attempt to infect random users hoping to hit some valuable data they can sell or use.
Hackers using topical hooks to trick victims is nothing new. In March, cybercriminals used Facebook to share a fake video of the missing Malaysian Boeing MH370, redirecting users to phishing sites which urged them to share the video before watching, giving the criminals access to victims’ Facebook accounts.
Echoing the US Department of Homeland Security’s Emergency Readiness Team’s (US-CERT) warning from last week, Trustwave advised users to be wary of Ebola-themed emails and cautioned against opening any unsolicited attachments.