H1N1 might actually affect your PC

Malicious hackers have found a way to trick unwary users to install malware on their computers running Windows. The exploit is through fake H1N1 alerts for the vaccines.

The exploit is applied as follows:

1. You receive an e-mail message offering information regarding the H1N1 vaccination.
2. These e-mail messages contain a bogus link to prompting you to create a profile.
3. Clicking on the link in step 2 above will take you to the spoofed website. During which the malware file is implanted on your machine.

Check out this US-CERT advisory which contains some of the e-mail subject lines being used in the spam run. Some examples:

• “Governmental registration program on the H1N1 vaccination”
• “Your personal vaccination profile.”

According to research from AppRiver,  the scam tricks computer users into believe they are part of a “State Wide H1N1 Vaccination Program” and are required to create a vaccination profile on the CDC website.

“The link provided in the email takes you to a very convincing looking imitation of a CDC web page where you are given a temporary ID and a link to your ‘vaccination profile’. The link is in fact…an executable file that contains a copy of a Trojan most commonly identified as xpack or Kryptik…once installed on your PC, this Trojan will create a security-free gateway on your system and will proceed to download and install additional malware without your authorization. It also enables a remote hacker to take complete control of your computer.”

AppRiver further states that the messages are being received at a rate of 18,000 per minute, that is more than one million per hour.

Here take a look at the fake spoofed CDC Web site being used in this attack: