14 DAY TRIAL // Romania is beginning to look a lot like other countries where Occupy protests are taking place and even though this is not an official Occupy movement and no Anonymous hackers are involved, cybercriminals take advantage of the citizen’s discontent with their president to launch a malware-spreading campaign.
An email that allegedly comes from a popular television network informs the recipient that the country’s president, Traian Basescu, revealed his intentions of resigning, promising pictures featuring the Minister of Tourism’s reaction to the news.
The link included in the message points to a so-called image that is actually an executable file carrying a backdoor, identified by Bitdefender as Trojan.Agent.ATWK, which allows the cybercriminals to take over the infected machine.
“The new wave of unsolicited messages is extremely similar to the ones from July which announced the death of the rapper Eminem and President Basescu’s involvement in an accident,” Bitdefender’s Bogdan Botezatu said.
“These types of messages take advantage of the users’ curiosity in a national interest situation to take over the control of their computes and utilize them for illegal purposes,” he added.
Protests, the death of public figures and other scenarios that raise interest are always a good opportunity for cybercriminals to make their move.
It’s not necessary for the news to be legitimate, like in the case of Muammar Gaddafi’s passing, for a malicious plot to be successful. If the topic may present interest, then it’s very likely that a large number of unsuspecting users will fall for the scams.
Users are advised to double check the validity of a story before rushing to click on shady links or suspicious looking attachments that may come in unsolicited emails. Also, an up-to-date security solution is highly recommended as it can, in many cases, keep you out of trouble.