Effect Measure

Frequent readers here know we are fascinated with the similarities between computer viruses and real viruses. Both use their unwittingly infected hosts (computers or host cells) to make copies of themselves and in the process can cause varying degrees of sickness. It’s hard to give any solid criteria which will differentiate one as qualitatively different than the other (except perhaps one is purely carbon based). But now you don’t have to choose. You can have both at once:

A new malware campaign uses faked e-mails that appear to inform of H1N1 vaccination programs from the Centers from Disease Control, but actually attempts to install the Zeus Trojan.

Both McAfee and Symantec [anti-virus software companies] issued warnings about the toxic e-mails, which are spoofed to look like they were sent from the “Centers for Disease Control and Prevention (CDC)” . . . (Eric Larkin, PC World via The Standard)

Here’s the screen shot of the email from McAfee’s warning post:

i-6f8da7ac03202ecef274f7d16aeb6f3c-AvetBlog_Dec-09_h1n1vac.png

The subject varies and will likely continue to change. Here were some examples as of Tuesday (courtesy McAfee):

  • Governmental registration program on the H1N1 vaccination
  • State Vaccination H1N1 Program
  • Your personal Vaccination Profile
  • Create your personal Vaccination Profile
  • State Vaccination Program
  • Creation of personal Vaccination Profile
  • Instructions on creation of your personal Vaccination Profile
  • Creation of your personal Vaccination Profile

If you are foolish enough to click the link it will take you to an official looking webpage (also from McAfee page):

i-b28cc47063ca80f1e725365f1c72d95c-AvetBlog_Dec-09_h1n1vac.website.png

If you are even more foolish and try to create your “personal vaccination profile,” what will be created instead on your computer is a new variant of something called the Zeus trojan (both Symantec and McAfee have updates to their anti-virus tools that can detect this). Technically a computer trojan is not a virus because it doesn’t self-replicate but instead gives the malware malefactor the ability to control your machine remotely. One of the main uses is to integrate your computer into a botnet, a distributed network of computers for performing spamming or attacking other domains (by flooding it with requests, called a Denial of Service attack). In other words, it turns your machine into a computer zombie. But there are other possibilities as well as or instead of becoming part of a botnet, including password stealing, keystroke logging, modifying or deleting files or remote viewing of your screen. None of these are things you want visited upon your computer, nor would you like to infect other computers.

So don’t try to protect yourself from swine flu by infecting your machine with this little piece of computer code. Get the injectable or flumist form for yourself instead. Your computer will thank you for it.

And so will your family, friends, co-workers and community. You’ll be glad, too.

Comments

  1. #1 Dunc
    December 3, 2009

    How long before the anti-vaxers start screaming about the Stalinist implications of requiring everyone to register their Personal Vaccination Profile with the CDC and / or screaming about the CDC taking over their computer? I’d give it a week, tops…

  2. #2 CPF
    December 3, 2009

    The CDC has added a blurb about these emails to their Health Related Hoaxes and Rumors page: http://www.cdc.gov/hoaxes_rumors.html

    (Alternately, one could go to cdc.gov and search for hoaxes.)

  3. #3 Neil
    December 3, 2009

    Dunc,
    Don’t give them any ideas! Hopefully they just won’t be smart enough to pick up on it. After all, they continue to demonstrate their ignorance on real virus issues..,

  4. #4 OmegaMom
    December 3, 2009

    Dunc–I’d swear I’ve already seen that type of talk on Twitter in my H1N1 search…oy!

  5. #5 Marcino
    December 3, 2009

    You could say that the attacks on our computers, hackers are like crimes committed in our normal lives. I have 30 attacks a day on your computer, and I’m not really sure if I’m the host computer in the botnet world.

  6. #6 Marcino
    December 3, 2009

    Undoubtedly, we must fight this problem. It is not a problem of individuals but our entire culture. All illegal intrusion can be explained psychologically and relevant authorities should resolve this problem at its roots. It is important to raise awareness of our children, that such action harms themselves.