Swine flu malware poses as pig plague update

21 July 2009

Wrongdoers have created a new strain of swine flu-themed malware. A Trojan, containing backdoor and keylogger functionality, poses as a Word document from the US Centre of Disease Control giving information about the disease.

The infectious file - Novel H1N1 Flu Situation Update.exe - appears with an icon that makes it look like a Word document file. Users tempted to open the booby-trapped file are presented with a document.

Meanwhile the malicious code does its mischief in the background, as explained in a write-up (containing screenshots) by net security firm F-Secure here. F-Secure classifies the Trojan as Agent-AVZQ.

Junk mailers were quick to latch onto earlier media hype about the swine flu epidemic to promote websites selling dodgy pharmaceuticals. Agent-AVZQ is the first incident we've come across that uses the increased hype about pig plague to promote malware.

Using events in the news to spice up malware threats has been the stock in trade of VXers for years.

TrackBack URI for this entry

Comments (0)

Subscribe to this comment's feed

Show/Hide comments

Show/Hide comment form

Name

Email

Title

Comment

smaller | bigger

Subscribe via email (Registered users only)

I have read and agree to the Terms of Usage.

Write the displayed characters

Add Comment