Another Worm Hits Online Tsunami Relief
Page 1 of 1
Another worm has emerged in the wild, preying on the generosity of those trying to donate to the Tsunami relief effort.
Multiple security firms, including McAfee, TrendMicro, Sophos and Symantec, today are reporting the discovery of the worm. McAfee and Symantec call it W32.Zar.A@mm, Trend Micro calls it WORM_ZAR.A and Sophos calls it W32/VBSun-A.
The worm usually has the subject line "Tsunami Donation! Please help" and includes an attachment named tsunami.exe. When clicked, the attachment delivers its payload, which is a Denial of Service (DoS) attack on the German domain www.hacksector.de.
Symantec, McAfee and TrendMicro have given the worm a low-risk rating, and have noted that the latest virus definition updates to their products will detect and remove the parasite.
"Duping innocent users into believing that they may be helping the tsunami disaster aid efforts shows hackers stooping to a new low," said Graham Cluley, senior technology consultant at Sophos in a statement. "This gruesome insensitivity is a despicable ploy to get curious computer users to run malicious code on their computers. Everyone should be wary of unsolicited email attachments, and visit the established charity websites instead if they wish to assist those suffering as a result of the disaster."
The FBI warned at the beginning of January to be wary of Internet scams relating to the tsunami disaster. In a statement, the bureau detailed numerous schemes ranging from phishing schemes directing potential donors to phony tsunami relief Web sites to other malicious forms of fraud.
Online donations have been a tremendous boon to the relief effort and were recommended by President Bush as a way for Americans to make their donations. According to the Chronicle of Philanthropy, an online newspaper geared toward the nonprofit sector, much of the $406 million raised as of the middle of last week for tsunami relief in the United States came from online donations.