icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
9 Sep, 2014 13:30

Awfully big mal-adventure: Peter Pan virus flies into inboxes across Britain

Awfully big mal-adventure: Peter Pan virus flies into inboxes across Britain

Malware dubbed the “Peter Pan” virus was sent to thousands of email accounts in the UK and beyond. The scam message, claiming to contain tickets to a Christmas show, is designed to steal passwords.

The phishing email, alleging to be sent from ticketing company BH Live, aims to install malware on to the recipient’s computer. It says the recipient has booked nine tickets to the 7pm performance of Peter Pan at Bournemouth Pavilion on 23rd December.

It further claims that a MasterCard, last four digits 7006, was used to make the £145 purchase. It invites people to open some e-tickets which it says are attached.

The hacking attack, traced to the Belarus’ National Academy of Sciences and servers based in France, appears particularly sophisticated. BH Live is in fact a real company, issuing tickets on behalf of Bournemouth Pavilion, where a production of Peter Pan is showing this Christmas.

Both companies have been flooded with phone calls from recipients, and have urged those who have received them not to open any attachments or click on any links.

RT @Bournemouthecho: Been sent an unexpected email about tickets to Peter Pan at the @BICPAV? You're not the only one....

— BIC/Pavilion Theatre (@BICPAV) September 8, 2014

“Emails have been sent to a number of recipients purporting to be from BH Live,” a statement issued on the Bournemouth Pavilion website said.

“Initial investigations suggest that emails did not originate from BH Live’s systems or network. Please do not open any attachment or click any links.”

The malware captures highly sensitive personal and commercial information and is almost undetectable by current anti-virus software. Those who open the attachment could have their passwords and social media login details stolen or be locked out of their computer.

Andrew Conway, systems analyst at Cloudmark internet security, told the Telegraph there has been a spike in the number of viruses sent from hackers in the former Soviet Union.

“You see a lot of attacks coming out of Russia and the old Soviet Republics, out of Eastern Europe, partly because they have a great educational system, turning out a lot of smart people who know all about computers, but not that many employment opportunities for them,” said Conway.

“They don’t have the high-tech sector. A lot of these people are turning to computer crime because that’s just a way to use their expertise.”

Action Fraud, the UK’s national reporting center for fraud and internet crime, says if you don’t recognize the source or the sender, avoid clicking on emails, text and internet popup messages.

“Don’t allow curiosity to lead you astray,” says Action Fraud’s website. “Avoid opening attachments or clicking on website links from unknown sources.”

“If an e-mail from a known source appears in your inbox with an unusually worded subject do not click on the link or attachment. Verify that it was genuinely from the sender. The risk is that their computer or email may have been hacked and is being used maliciously.”