MoMusings

Outbreaks of Malware to follow?

Well, I’m back from my hols, although Zotob arrived and caused chaos for the first three days of the first week; I got involved with customer calls, threat calls and virus assessment calls, analysing samples and generally monitoring the situation….so much for the start of my holiday!

I’ll cover Zotob in another post shortly as the situation is still developing…..stay tuned!

The day before I came back I was discussing how long it would take the 419ers, Phishers, other Scamming groups and malware authors to latch onto the latest way of making money out of other peoples misery by taking advantage of the devastation caused in the US by Hurricane/Tropical Storm Katrina.

I said that we’d see one within 10 days. Sure enough they couldn’t resist using this catastrophe to try and fleece more people.

They have used other disasters and attacks as ways to extract money which should be going to the victims, to line their own pockets; these include: The Asian Tsunami, 9/11 and the London Bomb attacks on the 7/7.

On the 30th of August 2005, less than a day after Katrina had made landfall and caused widespread destruction and flooding across Louisiana and Missisippi SANS warned that they already have seen scammers starting to use this disaster, here’s some of their commentary:

“We updated yesterday’s diary with the information of fake emails and domains being used to get donations for the Katrina Hurricane and Brian Krebs just updated the Security Fix blog, with new informations about these fake domains.
Some that we strongly suspect so far are katrinahelp.com , katrinarelief.com and katrinacleanup.com.”

They go on to say:

“We got information that there are plenty of domains for sale at eBay, related the Hurricane. A quick look at whois services for Katrina name can show you some interesting names…”

Watch out for e-mails asking for donations, they may well be Phishing or 419 scams and any money donated will not go to the victims, worse still your credit/debit card may well end up on ‘carding’ lists and sold to thieves. They may [almost certainly will] use you card details to make purchases which you have not authorised.

Furthermore, be very suspicious of any e-mails that claim to have video footage or other data as an attachment as this will almost certainly contain nothing more than malware, and you may end up with an infected system.

I was in New Orleans in September 2002 for a conference just as a category 3 hurricane was about to make landfall. In fact I was on the last plane to land at the airport that day.

Luckily for me and New Orleans, Hurricane Isidore lost some of it’s power and was downgraded to a tropical storm before it made landfall. However, New Orleans was flooded with some parts under 12 feet of water. Many roads were unpassable, abandoned vehicles everywhere. It was a mess! Even the conference hotel was flooded! So, my sympathy goes to all those affected by this disaster, either directly or indirectly.

Please help!
If you want to help those affected by the US Katrina disaster, then please do not let these scammers put you off giving your much needed assistance. However, DO use one of the real charity organisations that are helping such as the American Red Cross, their website address is http://www.redcross.org/

Links:
http://www.vnunet.com/vnunet/news/2141705/scammers-jump-hurricane-katrina