Spammed malware attack poses as camera phone footage of university shootings

Sophos has warned computer users of a sick attempt by hackers to infect their computers, by offering camera phone footage of the shootings at Virginia Tech University where more than 30 people died on Monday. Email messages, spammed out to internet users, carry a photograph of gunman Cho Seung-hui and claim to link to a Brazilian movie website carrying movie footage of the campus shootings. However, clicking on the link downloads a malicious screensaver file (TERROR_EM_VIRGINIA.SCR) that installs a banking spyware Trojan horse.

Experts at SophosLabs discovered the spam campaign yesterday evening and proactively protected its customers against the threat by identifying the Trojan horse as Mal/Packer. The Trojan horse attempts to steal passwords, usernames and other information from online bankers – opening the possibility for identity theft and allowing bank accounts to be raided by cybercriminals.

“It’s pretty sick that cybercriminals use tragic events in the headlines like this in their attempts to make cash but sadly it’s not the first time and unlikely to be the last. The hackers have no qualms about making money out of other people’s misery,” said Graham Cluley, senior technology consultant for Sophos. “It is of paramount importance that everyone treats unsolicited emails with suspicion, and thinks twice before they run a unsolicited program or click on a link. Regular anti-virus updates, firewalls, security patches and a good serving of common sense is a must.”

Past malware and spam campaigns have taken advantage of headline breaking news stories such as Hurricane Katrina, the Indian Ocean tsunami, the Concorde aircrash and terror bombings in London.

Sophos continues to recommend that computer users ensure their anti-virus software is up-to-date, and that companies protect themselves with a consolidated solution which can defend them from the threats of viruses, hackers, spyware and spam.