Three of the biggest malware threats that were around during Halloween 2008 remain highly active in the public domain 12 months later, according to data collected by Sunbelt Labs. Trojan-Downloader.Zlob.Media-Codec, Trojan-Downloader.braviax and Explorer32.Hijacker all remain in Sunbelt’s top 10 malware list one year on, with reported instances of the latter two increasing in overall share since October 2008.
Muktadir Khan, Sunbelt Software European sales engineer said: “We advise users to be vigilant and to ensure their antivirus applications are fully up-to-date with the latest definition files and the latest application version installed.
“Users should avoid opening any attachments, even from trusted sources, without first running a scan on the file. An effective, updated antivirus and malware solution such as Sunbelt Software’s VIPRE will ensure machines remain protected from a variety of attacks.”
Classic Threats to Watch Out For
Based on reported activity over the last two Halloween periods, Sunbelt Software has identified some common types of Halloween-themed attacks. Users should remain especially vigilant for new variations of these common themes.
• The Dancing Skeleton – This one is based on emails that lure Halloween lovers to web sites where they can download an application that puts the image of a dancing skeleton on their desktop. Users do indeed get the dancing skeleton along with the Storm Trojan. The Halloween.exe is part of a malicious botnet that allows remote attackers to access and control infected computers, accessing personal information and sending yet more infected spam.
• Halloween Gift Cards – These are the modern-day replacement for gift vouchers. For the last two years, emails have made the rounds offering a free $250 or £250 Halloween gift card when users sign up for a new credit card. This is really a scam to harvest personal and financial information for criminal use at a later date.
• The Big Halloween Sale Email – Stores are using Halloween as a topical hook, like they do bank holidays, to boost sales in these challenging economic times. Enterprising scammers have been picking up on this tactic with phishing emails purporting to be from trusted brand names, or offering unbelievably good deals. Clicking on a link usually takes you to an infected web site and a Storm Trojan downloader.
• The Halloween Party Invite – Another email-based attack, this one purportedly invites you to a Halloween-themed party. If it’s from an unknown source, it’s almost certainly a malware attack, either trying to entice you into clicking a link for more information or to open an attachment with the full invite enclosed. Even if it’s from a known source, approach with caution.