The scare of Ebola virus is spreading like wild fire same as the virus. Thousands of people are fighting against the chronic disease and other are praying for the well-being of the patients. But, this is not the case with everyone as the cyber criminals have used the opportunity to attack and infect the PCs. Symantec has released a report suggesting that a group of cyber criminals are using the Ebola epidemic scare in West Africa in order to steal the passwords through e-mails. The offenders are using the latest news headlines to bait the victims.
Symantec has found out three malware operations and a phishing campaign using the Ebola virus as a social engineering theme. The criminals are sending credulous emails to the users with the fake Ebola reports as attachments with the mail. As soon as the users download the attachment in the system the device gets infected with the Trojan.Zbot malware. Along with these the hackers are also sending mails replicating a major telecom provider consisting of a presentation on Ebola virus. Symantec’s report highlights, “An attached zip file with a title like “EBOLA PRESENTATION.pdf.zip” actually executes Trojan.Blueso on the victim’s computer.”
As per Symantec the offenders are using W32.Spyrat to infect Web browsers. The hackers are using the virus to steal confidential and important data like passwords, payment information, delete files and folders and even record from the webcam. The mails from the criminals talk about the cure of Ebola and a special drug for the disease. This helps them to garner the attention of the users. The email being circulated reds, “In the last two weeks there has been talk of Zmapp, a promising Ebola drug still in an experimental stage.”
Symantec says, “The crooks entice their victims with an email claiming the Ebola virus has been cured and the news should be shared widely. The email attachment is Backdoor.Breutmalware.” When the user checks the email then they are further asked to log on to a web page, which asks them to enter their email credentials. Once the user enters the details the hackers steal the information and gain access to their accounts. Symantec advise the users not to open such malicious and suspicious mails and also avoid clicking the links and attachments given in the mail