Greeting card malware on the rise

gallery

Malware attacks by email have increased in both volume and severity in the last month, fuelled by a rise so-called 'greeting card' or 'e-card' attacks which some anti-malware tools are struggling to contain.

In the attacks, which began to hit in large volumes last month, typical emails tell recipients they have received an e-card from a friend, loved-one or colleague and entice the user to click a link to view the card. Once the link is clicked, a wave of malware is released by taking the victim to a webpage that exploits security holes their browser, infecting their PC.

According to new research from security software developer PC Tools, experts have identified the malware exploding into people's inboxes as another variant of the Storm Trojan, a strong breed of mutating malware tagged 'Malware 2.0'.

"We suspect that the malware writers of this latest influx are based in Russia or the Ukraine. Their attacks are extremely sophisticated and use advanced techniques to get on and stay on victims computers" said PC Tools chief threat officer Kurt Baumgartner. "The threats also leave the system exposed to possible back-door and remote exploits, meaning all the data on the machine is being put at risk. These e-card threats are also designed to kill popular anti-virus products when it detects them starting, ensuring a persistent bot-enabled system once the malware is installed and the system rebooted."

The Metropolitan Police's Computer Crime Unit reported that these rogue 'e-cards' are often the way hackers gain access to computers or find e-mail addresses worth sending spam messages to.

Email to a friend

Print this page