PandaLabs, Panda Security’s laboratory for detecting and analysing malware, has detected two new worms, Nuwar.OL and Valentin.E, which uses the topic of St Valentine’s Day to spread.
“Year after year we see the appearance of several malware strains that use St Valentine’s Day as bait to attract users”, explains Luis Corrons, Technical Director of PandaLabs. “This indicates that cyber crooks are still reaping the benefits of this technique and many people still fall into the trap.”
The first one of these worms, Nuwar.OL, reaches computers by email with subjects like “I Love You Soo Much”, “Inside My Heart” or “You... In My Dreams.”
The text of the email includes a link to a website that downloads the malicious code. The page is very simple and looks like a romantic greeting card with a large pink heart.
Once it has infected a computer, the worm sends out a large amount of emails to the infected user’s contacts in order to spread. This also creates a heavy load on networks and slows down the computer.
Valentin.E is very similar to this. Like the Nuwar worm, it spreads by email in messages with subjects like “Searching for true Love” or “True Love” and an attached file called “friends4u”. If the targeted user opens the file, a copy of the worm will be downloaded.
The malicious code installs on the computer as a file with the .scr extension. If the user runs it, Valentin.E shows a new desktop background to trick them, while it makes several copies of itself on the computer.
Then, the worm sends out emails with copies of itself from the infected computer to spread and infect more users.
“Both cases are clear examples of social engineering techniques used to spread malware. They use attractive subjects -- Valentine’s Day greeting cards, romantic desktop themes, etc -- to entice users to run attachments or click links that ultimately download malware onto their computers”, says Corrons.
No comments:
Post a Comment