2. Hackers use Ebola as bait to spread malware


Symantec has identified three malware operations and a phishing campaign that use the Ebola virus as a social engineering lure to commit crime.
The first campaign sends an email with a false report on Ebola to catch victims' attention and eventually infect their computers with the malware Trojan.Zbot.
The second campaign involves sending an email under the name of Etisalat, a provider of telecommunications services in the United Arab Emirates. The email says it offers a high-level presentation on the Ebola virus. It contains a zip file attachment entitled "Ebola -ESTISALA PRSENTAION.pdf.zip", which actually runs malware called Trojan.Blueso on the victim's computer.





Figure 1. Email campaign using Ebola as a lure to deliver Trojan malware.



Note that this malware also infects the user's browser with W32.Spyrat, which, in turn, performs the following actions:

1. Record keystrokes (everything you type on the keyboard).
2. Record images from the user's webcam.
3. Open and close websites without your permission.
4. Capture images from the session.
5. Upload and download files.
6. Create new folders and files.
7. Remove existing folders and files.
8. Gather information on the operating system and the computer's applications, and uninstall itself.

The third campaign uses the name ZMapp, a drug against Ebola in the beta stage, to win the trust of victims and infect computers with the malware Backdoor.Breut. The hackers send an email stating that the cure for Ebola has been discovered and that the news should be shared in bulk. The email contains the Backdoor.Breut malware as an attachment.

Figure 2. Malicious email lures victims with a false Ebola cure.

The phishing campaign poses as a CNN breaking news headline on Ebola, which speculates about an alleged terrorist plot that uses the virus in question for attacks. The email also promises precautionary information about these attacks and a list of "target" regions.

Figure 3. Phishing campaign using the CNN brand as bait

If the user clicks on the links in the email, they are redirected to a web page where they are asked to select an email provider and then to log in to access the content. If they do so, their email login credentials are sent directly to the hackers.

Figure 4: System used by cyber criminals to steal login details with a fake login page.

Symantec recommends that users be wary of unsolicited, unexpected or suspicious emails. If you are unsure of the legitimacy of an email, do not respond to it, avoid clicking on links in the message, and do not open attachments.
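
The attachment caution above can be partly automated at the mail gateway. The following is an added example, not code from Symantec or from the original post: it flags the double-extension naming seen in the second campaign's ".pdf.zip" lure and lists what is inside a zip attachment without extracting it. The extension lists, function names and the inner file name of the constructed sample are assumptions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

DOC_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx"}
EXEC_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}

def name_findings(name):
    """Return the reasons a file name looks deceptive (empty list if none)."""
    ext = [s.lower() for s in PurePosixPath(name.replace("\\", "/")).suffixes]
    reasons = []
    if ext and ext[-1] in EXEC_EXTS:
        reasons.append("executable extension " + ext[-1])
    if len(ext) >= 2 and ext[-2] in DOC_EXTS and ext[-1] in EXEC_EXTS | {".zip"}:
        reasons.append("document extension hidden before " + ext[-1])
    return reasons

def scan_message(raw):
    """Return (attachment, member or None, reason) for every suspicious item."""
    hits = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        hits += [(name, None, r) for r in name_findings(name)]
        if not name.lower().endswith(".zip"):
            continue
        try:  # read the archive listing in memory; nothing is extracted to disk
            members = zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))).namelist()
        except zipfile.BadZipFile:
            hits.append((name, None, "unreadable zip"))
            continue
        for member in members:
            hits += [(name, member, r) for r in name_findings(member)]
    return hits

def build_sample():
    """Constructed message: harmless bytes; the inner file name is an assumption."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Ebola presentation.pdf.exe", b"constructed placeholder")
    msg = EmailMessage()
    msg.set_content("See the attached presentation.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="Ebola -ESTISALA PRSENTAION.pdf.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(*scan_message(build_sample()), sep="\n")
```

File names alone do not prove an attachment is malicious or safe; a check like this only decides which messages to quarantine for closer inspection.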


About murali
