Low-life criminals are capitalizing on people’s fears of the Zika virus in order to infect computers with malware.
According to a fact sheet published by the World Health Organization (WHO), the Zika virus is a disease that is transmitted primarily by Aedes mosquitoes, though it has been shown to be sexually transferrable in a small number of cases.
Symptoms are generally mild. Most people who contract the disease experience a fever, conjunctivitis, muscle and joint aches, skin rashes, malaise, and/or a headache for between two and seven days, at which point in time the virus goes away on its own.
In some cases, however, the virus is known to cause complications. Health officials have observed an increased rate of microcephaly, or abnormal smallness of the head that is related to incomplete brain development, in babies born from mothers who contracted the Zika virus while they were pregnant.
This complication in particular has spurred the WHO to declare the Zika virus a level 1 outbreak and to declare a Public Health Emergency of International Concern (PHEIC).
There is currently no treatment for the Zika virus, which has led to widespread fears among expecting mothers all over the world.
Unfortunately, computer criminals are now beginning to exploit these fears for nefarious purposes.
In an article published last week, Satnam Narang, senior security response manager at Symantec, discusses one attack campaign in particular that is leveraging spam emails in an attempt to infect users with malware:
“The malicious spam email claims to be from Saúde Curiosa (Curious Health), a health and wellness website in Brazil. The subject of the email says, “ZIKA VIRUS! ISSO MESMO, MATANDO COM ÁGUA!” which translates to: “Zika Virus! That’s Right, killing it with water!”
The email itself uses imagery and text taken from a real article on Saúde Curiosa, but includes buttons and attachments to try to capture the recipient’s attention, such as “Eliminating Mosquito! Click Here!” and “Instructions To Follow! Download!” as well as a file attachment.”
The clickable buttons in the email redirect users, via a bit.ly-shortened URL, to a Dropbox file that was downloaded 1,610 times between February 5th and February 18th.
Both the file and the attachment have been identified as JS.Downloader, a malicious dropper that attempts to install other malware onto a user’s infected machine.
Computer criminals have long been leveraging popular fears and dramatic international events to infect users with malware.
Some of the events coopted by attackers as lures in recent years include swine flu fears, the 2013 Spanish train disaster that killed 77 people, the United States’ military involvement in Syria, and the mysterious disappearance of Malaysia Airlines Flight MH370.
It takes a true low-life to abuse people’s concerns for a virus in order to spread malicious software.
Fortunately, it doesn’t take much to avoid these emails. All a user needs to do is be careful about where they sourcetheir information.
Social media and email might provide a useful indication of breaking news, but it’s better to go to the sites of reputable news agencies and the WHO directly, to find out the details for yourself.
As always, be careful what you click on, especially those emails that prey on panic and fear.