Frequent readers here know we are fascinated with the similarities between computer viruses and real viruses. Both use their unwittingly infected hosts (computers or host cells) to make copies of themselves and in the process can cause varying degrees of sickness. It’s hard to give any solid criteria which will differentiate one as qualitatively different than the other (except perhaps one is purely carbon based). But now you don’t have to choose. You can have both at once:
A new malware campaign uses faked e-mails that appear to inform of H1N1 vaccination programs from the Centers from Disease Control, but actually attempts to install the Zeus Trojan.
Both McAfee and Symantec [anti-virus software companies] issued warnings about the toxic e-mails, which are spoofed to look like they were sent from the “Centers for Disease Control and Prevention (CDC)” . . . (Eric Larkin, PC World via The Standard)
Here’s the screen shot of the email from McAfee’s warning post:
The subject varies and will likely continue to change. Here were some examples as of Tuesday (courtesy McAfee):
- Governmental registration program on the H1N1 vaccination
- State Vaccination H1N1 Program
- Your personal Vaccination Profile
- Create your personal Vaccination Profile
- State Vaccination Program
- Creation of personal Vaccination Profile
- Instructions on creation of your personal Vaccination Profile
- Creation of your personal Vaccination Profile
If you are foolish enough to click the link it will take you to an official looking webpage (also from McAfee page):
If you are even more foolish and try to create your “personal vaccination profile,” what will be created instead on your computer is a new variant of something called the Zeus trojan (both Symantec and McAfee have updates to their anti-virus tools that can detect this). Technically a computer trojan is not a virus because it doesn’t self-replicate but instead gives the malware malefactor the ability to control your machine remotely. One of the main uses is to integrate your computer into a botnet, a distributed network of computers for performing spamming or attacking other domains (by flooding it with requests, called a Denial of Service attack). In other words, it turns your machine into a computer zombie. But there are other possibilities as well as or instead of becoming part of a botnet, including password stealing, keystroke logging, modifying or deleting files or remote viewing of your screen. None of these are things you want visited upon your computer, nor would you like to infect other computers.
So don’t try to protect yourself from swine flu by infecting your machine with this little piece of computer code. Get the injectable or flumist form for yourself instead. Your computer will thank you for it.
And so will your family, friends, co-workers and community. You’ll be glad, too.