Malware Capitalizes on California Wildfires

Malware and scareware

The images coming out of southern California are dramatic as wildfires continue to threaten homes and residents. And as so often happens with tragedy, purveyors of malware hope once again to cash in on misery.

According to reports from Sophos and CA, malware writers are using blackhat SEO to poison the search results of those whose fears about the fire are entirely rational.

“In the last 24 hours SophosLabs has discovered a number of Web pages deliberately constructed by cyber criminals with the intention of striking PCs belonging to computer users who search for information on the breaking news story,” Sophos security expert Graham Cluley wrote in his blog.

It is an all-too-familiar problem. In the past, malware purveyors have taken advantage of tragedies as diverse as Michael Jackson’s death and the swine flu pandemic to install undesired software on the PCs of frightened or unhappy people.

“By using search engine optimization techniques, the hackers have been
able to place their sites high in search rankings,” Cluley added.

The malware-delivering sites use a variety of techniques to try to install malware on the PCs of visitors. Some claim to be providing a video that requires the installation of a special codec . Others display fake virus warnings and try to get permission to install bogus antivirus software on visiting PCs, according to Cluley.

Macs attacked too

Some of the malware sites are targeting Apple Macs, according to a blog post by Methusela Cebrian Ferrer, a senior research engineer at CA.

The attack uses OSX/Jahlav-C, malware that has been in the wild for some time, Ferrer wrote.

Other sites in the same search result listing were capable of installing
malware disguised as antivirus software on Mac systems, Ferrer added.

Be careful and be protected

Sophos’s Cluley wrote that the attacks once again show that users must
have up-to-date anti-virus installed on their computers. In this case the
warning applies to Mac as well as PC users.

Cluley added that enterprises should also do their part by deploying a
product like Sophos
Security and Data Protection
that will scan every Web site visited by
employees and block any malware.

Security awareness is also critical, CA’s Ferrer wrote. “It is important
to be aware at all times of these types of threats to avoid falling into an
attacker’s trap,” she said.

News Around the Web