MALWARE ALERT: Beware Of Email Purporting To Come From The U.S. Centers For Disease Control And Prevention (CDC)

The swine-flu (H1N1) outbreak has led to a “strikingly large malware campaign,” AppRiver reports.

An email being sent out by spammers at a rate of 18,000 per minute purports to be from the U.S. Centers for Disease Control and Prevention (CDC), but is actually from a fake CDC site that installs malware.

Recipients are asked to complete registration for the “State Vaccination H1N1 Program,” and then their computers become infected.

“The link is in fact to an executable file that contains a copy of a Trojan most commonly identified as xpack or Kryptik,” AppRiver reports.  “[O]nce installed on your PC, this Trojan will create a security-free gateway on your system and will proceed to download and install additional malware without your authorization. It also enables a remote hacker to take complete control of your computer. This malware can log your typed keystrokes and send confidential personal and financial data (including banking information, credit card numbers, and website passwords) to a remote hacker.”

News of the swine-flu spam and malware attack came just days after Alan M. Ralsky, the “Godfather of Spam,” and three fellow spammers were sentenced to terms in federal prison.

Ralsky, 64, of West Bloomfield, Mich., received 51 months. Scott Bradley, 48, also of West Bloomfield, received 40 months.

Ralsky and Bradley also were sentenced to five years of supervised release following their release from prison. Each man was ordered to forfeit $250,000 seized by prosecutors in December 2007.

How Wai John Hui, 51, a resident of Hong Kong and Canada, was sentenced to 51 months in prison.

Hui was sentenced to three years’ supervised release following his prison term, and agreed to forfeit $500,000 to the United States.

John S. Bown, 45, of Fresno, Calif., was sentenced to 32 months in prison and three years’ of supervised probation after release.  He agreed to forfeit $120,000 to the United States.

About the Author

2 Responses to “MALWARE ALERT: Beware Of Email Purporting To Come From The U.S. Centers For Disease Control And Prevention (CDC)”

  1. All I can say is install and run Malware Bytes.

    It’s free and works the best of all the anti-spyware programs I have used.

  2. Thanks for the warning Patrick and for the tip db