
CDC Gets Sick

Posted by Jane Akre
Thursday, December 03, 2009 10:40 AM EST
Category: Protecting Your Family
Tags: Hackers, Computer Malware, CDC, Confidentiality, Trojan

Hackers create a malware program to infect the CDC Web site.

Trojan Malware Infects Swine Flu Users


IMAGE SOURCE: AppRiver copy of malware from Web site

The email appears to be coming from the Centers for Disease Control and Prevention (CDC). But instead of protecting your health it serves up a Trojan malware to make your computer sick.

Hackers have figured out how to send out what appears to be legitimate email that appears to come from the CDC. It invites readers to create a profile for a swine flu vaccine program.

But according to security provider AppRiver, it’s a malware scam.

Digital Degenerate reports it first saw the campaign about 8:15 (CST) Tuesday morning.

Here’s how it works – the visitor receives a temporary ID and a link to a profile. It is actually an executable file containing a copy of a Trojan most commonly identified as Zbot, reports AppRiver.

McAfee reports the file is a VERY recent Zeus Trojan variant. When that is installed, the Trojan opens your computer, creating a security-free gateway that allows additional malware into your computer without any further authorization from you.

Say goodbye to any security. The hacker can steal data from your computer, including credit card information and passwords. The Trojan can log your typed keystrokes and send confidential personal and financial data to a remote hacker.

AppRiver says it’s reached more than one million in the first hour alone at a rate of 18,000 messages per minute. You are advised to ignore any email from the CDC that invites users to create a profile on the CDC Web site as part of a “State Vaccination H1N1 Program.”

McAfee also says the email may be associated with other campaigns including:

Governmental registration program on the H1N1 vaccination
State Vaccination H1N1 Program
Your personal Vaccination Profile
Create your personal Vaccination Profile
State Vaccination Program
Creation of personal Vaccination Profile
Instructions on creation of your personal Vaccination Profile
Creation of your personal Vaccination Profile

According to McAfee, “The domains in the email were registered or updated a week before the campaign began. The whois information associated with the domains indicates that most of them were registered with a Belgium registrar at active24.be.

“The DNS servers that are authoritative for the spam domains were purchased from a Chinese registrar “Xin Net Technologies”, but the DNS servers themselves are being hosted from locations in the US, Japan and Hong Kong. We even see some of the dns servers being used as previously having been associated with sending spam mail for the Cutwail botnet, which has been known to use the Zeus Trojan. This could indicate the possibility that some of the dns servers themselves may simply be infected hosts.

“These hostnames are associated with 135 distinct IP addresses associated with the websites hosting the Trojan, which stem from all over the world and appear to be dsl accounts.

“The primary countries hosting the websites at the time of this writing are in Colombia, Brazil, India, Malaysia, Chile and Argentina.”
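
For mail administrators, the traits reported above (a CDC sender name, the listed subject lines, a "profile" link that is really an executable, and freshly registered link domains) can be combined into a simple triage check. The following is an added example, not code from the article, AppRiver or McAfee; the function name, the extension list, the 14-day threshold, the example.test hostnames and the caller-supplied WHOIS dates are all assumptions.

```python
import re
from datetime import date
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Subject lines the article lists for this campaign, lower-cased for matching.
CAMPAIGN_SUBJECTS = {s.lower() for s in (
    "Governmental registration program on the H1N1 vaccination",
    "State Vaccination H1N1 Program",
    "Your personal Vaccination Profile",
    "Create your personal Vaccination Profile",
    "State Vaccination Program",
    "Creation of personal Vaccination Profile",
    "Instructions on creation of your personal Vaccination Profile",
    "Creation of your personal Vaccination Profile",
)}
EXECUTABLE_EXT = (".exe", ".scr", ".com", ".pif")  # assumption: extensions to treat as executable
MAX_DOMAIN_AGE_DAYS = 14  # assumption: covers "registered or updated a week before"

def triage(raw, registered_on, today):
    """Return the reasons a single-part text message resembles this campaign."""
    msg = message_from_string(raw)
    reasons = []
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    if "cdc" in display.lower() and domain != "cdc.gov" and not domain.endswith(".cdc.gov"):
        reasons.append("display name claims CDC but sender domain is not cdc.gov")
    if msg.get("Subject", "").strip().lower() in CAMPAIGN_SUBJECTS:
        reasons.append("subject matches a campaign subject line")
    for url in re.findall(r"https?://[^\s\"'<>]+", str(msg.get_payload())):
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        if parsed.path.lower().endswith(EXECUTABLE_EXT):
            reasons.append(f"link points at an executable on {host}")
        created = registered_on.get(host)  # caller supplies WHOIS creation dates
        if created and (today - created).days <= MAX_DOMAIN_AGE_DAYS:
            reasons.append(f"link domain {host} was registered recently")
    return reasons

# Constructed sample data (not taken from the real campaign).
LURE = ('From: "CDC Vaccination Program" <no-reply@mail.example.test>\n'
        "Subject: State Vaccination H1N1 Program\n\n"
        "Your temporary ID is 0000. Create your profile:\n"
        "http://profile.example.test/vaccination/profile.exe\n")
WHOIS = {"profile.example.test": date(2009, 11, 24)}

if __name__ == "__main__":
    print("\n".join(triage(LURE, WHOIS, date(2009, 12, 1))))
```

A message that trips several of these checks at once is a candidate for quarantine; any single check on its own is a weak signal.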
