icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
23 Oct, 2014 12:54

Ebola email viruses go viral with 'healthtips' from hackers

Ebola email viruses go viral with 'healthtips' from hackers

Hackers are trying to capitalize on Ebola hysteria by sending out emails - purportedly from the WHO, among others - urging users to open attachments ridden with malware, promising information and prevention tips on Ebola.

Emails have been sent purporting to come from the World Health Organization (WHO) or the Mexican government, prompting users to open an attachment for important information on Ebola in order to install malware on their computers.

Cyber-security specialists at Trustwave’s SpiderLabs published details of the scam on their blog.

The scam aims to install DarkComet Remote Access Trojan (RAT) on victims’ computers, a malicious program which cannot be detected by antivirus software. Once installed, RAT gives cybercriminals remote access to infected devices including webcams, passwords, and keystrokes and other sensitive information.

Emails with subject lines like ‘So Really, How Do You Get Ebola?’, ‘Ebola, GMO, What They Don’t Want You To Know’ and ‘The #1 Food Items You’ll Need in An EBOLA Crisis’, con Ebola-fearing victims into installing the attached malware, according to Trustwave.


Currently, the experts at Trustwave believe that this is a “low volume campaign,” a non-targeted operation in which hackers attempt to infect random users hoping to hit some valuable data they can sell or use.

Hackers using topical hooks to trick victims is nothing new. In March, cybercriminals used Facebook to share a fake video of the missing Malaysian Boeing MH370, redirecting users to phishing sites which urged them to share the video before watching, giving the criminals access to victims’ Facebook accounts.

Echoing the US Department of Homeland Security’s Emergency Readiness Team’s (US-CERT) warning from last week, Trustwave advised users to be wary of Ebola-themed emails and cautioned against opening any unsolicited attachments.