Peaches Posted May 12, 2009 Report Share Posted May 12, 2009 May11Yet More Swine Flu Attacksby Jonathan Leopando (Technical Communications) "Spammers know a thing or two about persistence, it seems. CNET reports a new Trojan—TROJ_QHOST.TB—that is the latest to take advantage of fears of swine flu. TROJ_QHOST.TB modifies the HOSTS file of any affected system, which results to the user being redirected to a spoofed banking-related website whenever they attempt to access the real ones. By which, users are placed at risk of getting their banking information stolen and having it used by an unauthorized user.The attack is pretty similar to earlier ones that have also taken advantage of the swine flu. Spam messages with warnings contain either a link to a malicious website or an attachment to TROJ_QHOST.TB. In turn, the Trojan modifies the system’s HOSTS file to redirect users of certain Mexican banks to a specific IP address.Fortunately, however, the said IP address doesn’t work anymore. However, there’s nothing that stops future variants—or other Trojans—from using the same lure. Users should consider themselves warned"TrendMicro - http://blog.trendmicro.com/ Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.