• On TechRepublic: Five super-secret features in Windows 7
May 1, 2009 4:50 PM PDT

Swine flu e-mail in Spanish links to data-stealing Trojan

by Elinor Mills
  • Font size
  • Print
  • Post a comment

An e-mail referencing a vaccine for swine flu is circulating that includes a link to a malicious file on a Mexican Web site that is designed to steal bank log-in information, security firm SonicWall said on Friday.

The e-mail, which is in Spanish, has a link to the Qhost.NJI Trojan on a Web site that appears to be legitimate but has probably been hacked, said Nick Bilogorskiy, manager of antivirus research at SonicWall.

The Trojan, an executable file coded in Visual Basic, changes the host file on Windows computers so that if the computer is used to visit certain domains of Mexican banks the PC is redirected to itself without the user knowing it and the Trojan steals any log-in data that is typed, Bilogorskiy said.

Earlier in the week, Symantec said a malicious PDF had been discovered that masqueraded as a frequently-asked-questions document related to the outbreak. And there have been numerous reports of spam using swine flu-related subject lines that lure people to pharmaceutical sites, security firms have reported.

One of the latest outbreak-related phishing attempts includes a link to a data-stealing Trojan.

(Credit: SonicWall)

This is the main page of the site that the malware is on, but SonicWall says the site is legitimate and was probably hacked.

(Credit: SonicWall)
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

News,

Vulnerabilities & attacks

Tags:

Swine Flu,

phishing

Share:
Digg
Del.icio.us
Reddit
advertisement
Click here!
Recent posts from Security
Microsoft patching zero-day Windows 7 SMB hole
RSA reveals details behind re-shipping scam
Expert says Adobe Flash policy is risky
Apple updates Safari for security
Microsoft probing Windows 7 zero-day hole
Security considerations for virtual environments
Eastern Europeans charged in payment processor hack
A child porn-planting virus: Threat or bad defense?
Related
Bank Trojan botnet targets Facebook users
Nation prepares for deadly bat virus
Gadgettes 160: The Batten Down the Hatches Episode
New Trojan encrypts files but leaves no ransom note
Twitter users warned about new phishing attack
Week in review: Microsoft getting lucky with 7?
Google launches Maps tool for finding flu vaccine
Week in review: Motorola, Verizon ready the Droid
advertisement

A CNET Conversation with Eric Schmidt

CNET's Tom Krazit and Molly Wood sit down with Google CEO Eric Schmidt to discuss the future of Android, the Chrome OS, the problem of real-time search indexing, and more.

Verizon tests sending RIAA copyright notices

The No. 2 phone company, known for its reluctance to intervene in antipiracy cases, strikes an agreement to forward copyright notices on behalf of the music industry.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET