Application security, Malware

Cybercriminals continue to piggyback on Ebola news

Researchers at Trustwave have come across several samples of emails purporting to be from legitimate organizations attempting to share information on the Ebola virus, but in reality compromises victims with a Remote Access Trojan (RAT).

In one example the message claims to be from the World Health Organization and offers an attachment that provides tips on how to stay safe from the virus, according to a blog post.

When the file is executed and run, the RAT, which goes undetected by anti-virus software, is capable of logging keystrokes, capturing webcam and sound activity, uploading and executing files, as well as stealing passwords and executing shell commands. The stolen information is then sent to a remote server. Researchers believe that this is currently not a widespread or targeted campaign.

A similar attack spoofed CNN news regarding terrorists' use of the virus.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.