• On mySimon: Backpacker Magazine Award Winners
advertisementGet Smart about Business Spending
May 1, 2009 4:50 PM PDT

Swine flu e-mail in Spanish links to data-stealing Trojan

by Elinor Mills
  • Font size
  • Print
  • Post a comment

An e-mail referencing a vaccine for swine flu is circulating that includes a link to a malicious file on a Mexican Web site that is designed to steal bank log-in information, security firm SonicWall said on Friday.

The e-mail, which is in Spanish, has a link to the Qhost.NJI Trojan on a Web site that appears to be legitimate but has probably been hacked, said Nick Bilogorskiy, manager of antivirus research at SonicWall.

The Trojan, an executable file coded in Visual Basic, changes the host file on Windows computers so that if the computer is used to visit certain domains of Mexican banks the PC is redirected to itself without the user knowing it and the Trojan steals any log-in data that is typed, Bilogorskiy said.

Earlier in the week, Symantec said a malicious PDF had been discovered that masqueraded as a frequently-asked-questions document related to the outbreak. And there have been numerous reports of spam using swine flu-related subject lines that lure people to pharmaceutical sites, security firms have reported.

One of the latest outbreak-related phishing attempts includes a link to a data-stealing Trojan.

(Credit: SonicWall)

This is the main page of the site that the malware is on, but SonicWall says the site is legitimate and was probably hacked.

(Credit: SonicWall)
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

News,

Vulnerabilities & attacks

Tags:

Swine Flu,

phishing

Share:
Digg
Del.icio.us
Reddit
advertisement
Click Here
Recent posts from Security
Microsoft warns of IE exploit code in the wild
Chrome OS security: 'Sandboxing' and auto updates
E-tailers snagged in marketing 'scam' blame customers
McAfee warns about '12 Scams of Christmas'
Cisco launches iPhone security app
Town to photograph every car that enters and leaves
New Firefox 3.6 beta aims to cut crashes
Facebook adopts new privacy policy
Related
FAQ: Recognizing phishing e-mails
Bank Trojan botnet targets Facebook users
Nation prepares for deadly bat virus
Gadgettes Podcast 160: The Batten Down the Hatches Episode
McAfee warns about '12 Scams of Christmas'
New Trojan encrypts files but leaves no ransom note
Twitter users warned about new phishing attack
Week in review: Microsoft getting lucky with 7?
advertisement

E-tailers linked to 'scam' blame customers

Priceline, Classmates.com, and Orbitz say customers should read the fine print before complaining about being charged to join loyalty programs they didn't want.

The 411 on early-termination fees

Verizon Wireless has doubled its early-termination fees for smartphones, but what does it mean for the rest of the industry?

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET