MoMusings

How low will the malware authors go?

Well, real-low or so it seems!

Looks like the malware authors have been mixing with scams artists and other internet scum and villains who prey on the ‘good’ ‘caring’ people out there….so, heads-up all of the ‘good’ people out there in internet-land.

Yes, the malware authors [who as far as I was concerned were already in the gutter] have joined the rest of the internet filth down in the virtual sewers of the ‘net, I hope they rot down there with the rats and other waste…

The VBS/Geven-B worm which was released earlier this month tried to spread a twisted message that the earthquake and resulting tsunami was God’s punishment to “people who did bad on earth”.

The worm, when run creates a text file which it attempts to open on the infected system; the text reads:

It is God’s total avenge!
To those people who did bad on earth…
God has promised, that He will give lesson,
and this is a promise that the End of Day
is just not too far ahead!
Pray, do good and may God bless you!
Tell and share this message with everyone who has faith in God.

Now, we have the VB-Sun-A worm. This worm prompts unsuspecting users to open an infected attachment which of course spreads the worm further. As a further nasty side-effect it will initiate a denial of service [DoS] attack on a German hacking website [www.hacksector.de].

Infected e-mails have the subject line of :

Tsunami Donation! Please help!

The body text reads:

Please help us with your donation and view the attachment
below!
We need you!

The worm is contained in the attachment to the e-mail and is called tsunami.exe.

Phishy Site:
Finally, over the weekend a very convincing fake Red Cross website was set up at www.american-redcross.org [no, this isn’t a real RED CROSS site address] by scammers out to steal credit card data, card and PIN numbers too. The site is now down, but it is unclear as to how many people fell victim to this despicable scam.

Links:
Sophos VBS/Sun-A

Sophos VBS/Geven-B

The ‘Real’ Red Cross site