• On The Insider: Britney's Bikini-Clad Top 10
May 1, 2009 4:50 PM PDT

Swine flu e-mail in Spanish links to data-stealing Trojan

by Elinor Mills
  • Font size
  • Print
  • Post a comment
Share

An e-mail referencing a vaccine for swine flu is circulating that includes a link to a malicious file on a Mexican Web site that is designed to steal bank log-in information, security firm SonicWall said on Friday.

The e-mail, which is in Spanish, has a link to the Qhost.NJI Trojan on a Web site that appears to be legitimate but has probably been hacked, said Nick Bilogorskiy, manager of antivirus research at SonicWall.

The Trojan, an executable file coded in Visual Basic, changes the host file on Windows computers so that if the computer is used to visit certain domains of Mexican banks the PC is redirected to itself without the user knowing it and the Trojan steals any log-in data that is typed, Bilogorskiy said.

Earlier in the week, Symantec said a malicious PDF had been discovered that masqueraded as a frequently-asked-questions document related to the outbreak. And there have been numerous reports of spam using swine flu-related subject lines that lure people to pharmaceutical sites, security firms have reported.

One of the latest outbreak-related phishing attempts includes a link to a data-stealing Trojan.

(Credit: SonicWall)

This is the main page of the site that the malware is on, but SonicWall says the site is legitimate and was probably hacked.

(Credit: SonicWall)
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

News,

Vulnerabilities & attacks

Tags:

Swine Flu,

phishing

Share:
Digg
Del.icio.us
Reddit
advertisement
Click Here
Recent posts from Security
PC Tools Internet Security 2010 reviewed
Google Chrome now bundled with Avast
Some Avast users must reinstall flagged files
Defense Dept. pulls software over privacy issues
Microsoft to plug critical IE hole targeted by exploit code
Google wants to unclog Net's DNS plumbing
Avast update falsely flags good apps as malware
Character limitations in passwords considered harmful
Related
FAQ: Recognizing phishing e-mails
Nation prepares for deadly bat virus
McAfee warns about '12 Scams of Christmas'
Week in review: Microsoft getting lucky with 7?
Google launches Maps tool for finding flu vaccine
Fake CDC vaccine e-mail leads to malware
Michael Jackson tops Google, Yahoo search in 2009
Don't take this bait (but you're safe if you do)
advertisement

The yogurt makers of tech: Gadgets to avoid

Don't buy these one-trick ponies--unless you like gizmos that gather dust.

Google wants to unclog Net's DNS plumbing

The Net giant, ever eager for a faster Internet, debuts its Google Public DNS service. With it, Google could become even more central to the Net.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET