HackDig : Dig high-quality web security articles for hacker

Over 1,600 Users Fall Victim to Zika Virus Spam Campaign

2016-02-20 22:10

Almost every time there's a major event happening around the world, you can count on a cyber-criminal to put a spam campaign together that leverage the incident and uses it to spread malware to curious and unsuspecting users.

The exact same thing is happening right now, as cyber-security vendor Symantec reports of spammers who are using the Zika virus outbreak to deliver their malicious code.

Users targeted with this campaign are receiving emails with the “ZIKA VIRUS! ISSO MESMO, MATANDO COM ÁGUA!” title, which translates to: “Zika Virus! That's Right, killing it with water!"

The emails are obviously leveraging everyone's interest in the Zika virus, providing methods of combating it and offering to provide information on how to stay safe.

But all the information is not readily available, and users are encouraged to download an email attachment to learn more. This file has the .jse extension, and when launched into execution it will automatically connect to a C&C server and ask for instructions.

Spam delivers the JS.Downloader trojan

Symantec says it detects this file as JS.Downloader, a trojan variant specialized in getting a foothold on infected systems, and then downloading other more malicious files that can range from ransomware to banking trojans, and so on.

For this campaign, the JS.Downloader download link redirects users through a bit.ly link to a Dropbox URL. Security researchers observed that since February 5 to February 18, 1,610 users have accessed the URL.

As with the Zika virus itself, this campaign started and is active in mainly Brazil, but expect it to spread to other countries as the Zika virus spreads as well.

Currently, the World Health Organization (WHO) has upgraded the Zika virus to a level 1 outbreak and declared a Public Health Emergency of International Concern (PHEIC).

Users should consult the official websites of healthcare organizations and refrain from opening, reading, and trusting information they received via unsolicited emails.

Statistics for Dropbox URL where the trojan was hosted
Statistics for Dropbox URL where the trojan was hosted

Source: Gdt0Wa0NWa21CbsFmZtMnclNXdtADM20SMtIXZ292LzdXZu9SbvNmLhlGZlBHdm92cuM3dl52LvoDc0RHa/ca.ssr.dps

Read:2823 | Comments:0 | Tags:Spam Reports Virus

“Over 1,600 Users Fall Victim to Zika Virus Spam Campaign”0 Comments

Submit A Comment



Blog :

Verification Code:


Share high-quality web security related articles with you:)


Tag Cloud