Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Halloween malware horrors expected

Sunbelt Software : 23 October, 2009  (Technical Article)
Vipre security software producers detail the malicious software threats that can be expected alongside the traditional growth in malware over the Halloween period
Sunbelt Software, a provider of Windows security software, has released its top tips for combating and avoiding malware attacks and threats in the run up to Halloween.

Already a popular festival period in the US, Halloween is growing in popularity in the UK, with growing numbers of children engaging in trick-or-treat activities. As a result, Halloween-themed malware is also on the rise, with 2007 and 2008 seeing significant attempts by malware creators to infiltrate end user systems. Such attacks use a variety of methods including themed attachments, infected web sites paired with email and Twitter link distribution promising Halloween-themed content, along with 'typo attacks' whereby malware writers set up infected sites and downloads that make use of common address misspellings.

October also sees an increase in conventional malware activity, as malicious software creators use the period to release new and variants of existing malware into the wild.

Data collected by SunbeltLabs has revealed that three of the biggest virus threats around Halloween 2008 remain highly active in the public domain 12 months later. Trojan-Downloader.Zlob.Media-Codec, Trojan-Downloader.braviax and Explorer32.Hijacker all remain in Sunbelt's top 10 malware list one year on, with reported instances of the latter two increasing in overall share since October 2008.

"We advise users to be vigilant and to ensure their antivirus applications are fully up-to-date with the latest definition files and the latest application version installed," explained Sunbelt Software European Sales Engineer Muktadir Khan. "Users should avoid opening any attachments, even from trusted sources, without first running a scan on the file. An effective, updated antivirus and malware solution such as Sunbelt Software's Vipre will ensure machines remain protected from a variety of attacks."

Based on reported activity over the last two Halloween periods, Sunbelt Software has identified the following common types of Halloween-themed attack, users should remain especially vigilant for new variations of these common themes.

* The Dancing Skeleton - Based on emails that lure Halloween lovers to web sites where they can download an application that created the image of a dancing skeleton onto their desktop. Users do indeed get the dancing skeleton, along with the Storm Trojan. The Halloween.exe is part of a malicious Botnet that allows remote attackers to access and control infected computers, accessing personal information and sending yet more infected spam.

* Halloween Gift Cards - The modern-day replacement for gift vouchers, For the last two years, emails have made the rounds offering a free $250 or £250 Halloween gift card when users sign up for a new credit card. This is in fact a scam to harvest your personal and financial information for criminal use at a later date.

* The Big Halloween Sale Email - Like a Bank Holiday, stores are using Halloween as a topical hook to boost sales in these challenging economic times. However, enterprising scammers have been picking up on this tactic with spoof phishing emails purporting to be from trusted brand names, or offering unbelievably good deals. Clicking on a link usually takes you to an infected web site, with the Storm Trojan and derivatives the common sources of infection.

* The Halloween Party Invite - Another email-based attack, this time purporting to invite you to a Halloween-themed party. If it's from an unknown source, it's almost certainly a malware attack, either trying to entice you into clicking a link for more information or to open an attachment with the full invite enclosed. Even if it's from a known source, approach with caution.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo