Swine flu malware poses as pig plague update
Wrongdoers have created a new strain of swine flu-themed malware.
A Trojan, containing backdoor and keylogger functionality, poses as a Word document from the US Centre of Disease Control giving information about the disease.
The infectious file - Novel H1N1 Flu Situation Update.exe - appears with an icon that makes it look like a Word document file. Users tempted to open the booby-trapped file are presented with a document.
Meanwhile the malicious code does its mischief in the background, as explained in a write-up (containing screenshots) by net security firm F-Secure here. F-Secure classifies the Trojan as Agent-AVZQ.
Junk mailers were quick to latch onto earlier media hype about the swine flu epidemic to promote websites selling dodgy pharmaceuticals. Agent-AVZQ is the first incident we've come across that uses the increased hype about pig plague to promote malware.
Using events in the news to spice up malware threats has been the stock in trade of VXers for years. ®