Viral Outbreak Inspires MERS-themed Malware

mers malware

A human virus is a lot like a piece of malware, “downloading” itself into your system and draining your vital resources for its own ends. So it’s ironic that Middle East Respiratory Syndrome (MERS), a viral infection that has claimed 36 lives and infected 186 people in South Korea, is the latest inspiration for email attackers to scare victims into downloading malicious attachments.

Earlier this month, the anti-virus software provider Symantec discovered an email campaign that encouraged recipients to download a Microsoft Word document purporting to be a list of hospitals and patients in South Korea infected by MERS. The file is actually an .exe file Symantec identified as Trojan.Swort, a relatively low-risk piece of malware (unlike the actual virus MERS, Trojan.Swort requires a manual download).

Cloud security firm Trend Micro discovered a similar attack in Japan this month, in which an email sent to a Japanese media company claimed to provide information on MERS prevention, but actually forwards to a site that drops ZXShell, a backdoor file commonly used in malicious software attacks. Bloggers at Trend Micro believe attacks on media companies might be motivated by events like the 2014 Sony hack, in which malware leaked employees’ personal emails and exposed sensitive politics surrounding their films.

Even if you don’t live in a MERS-affected area, it’s important to remember the fear and paranoia surrounding any health scare is a perfect excuse for attackers to exploit you and your data. Don’t download attachments or click on links from any sender you don’t know!


Featured image: igor / Dollar Photo Club