Akihabara distributing malware too?

It is surprising how fast the cyber-crooks take advantage of any eye-catching news to distribute malware. Less than two days after the tragic event that took place in Tokyo “Tomohiro Kato – Akihabara Killer”, we detected an email that used this news as a bait to deceive users.

The email seemed to come from an address belonging to the RPP news (Radio Programas del Perú) in order to pass itself as a trustworthy source. However, you can check in the following URL, which makes reference to the official news published by RPP, that it is totally different to the news included in the malicious email message, where after a brief description of the event, users are enticed to download and see a video regarding this news. However, what they actually download and install in the system is the Trojan QHost.IH.

KIller!

This malware is designed to modify the hosts file by adding four fake websites of a certain banking entity. This way, if users visit any of the websites included in the hosts file, they will not be redirected to the original one but to another imitating the original website.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: