Malware RAT rides hoax tsunami to Australia

Crims pinch News logo and expose the great tsunami cover-up.
  • Liam Tung (CSO Online)
  • — 26 November, 2012 10:05


Criminals have bundled a backdoor trojan in a spammed fake report that claims Australia will be devastated by a tsunami this New Year's Eve.

Using the News Limited digital title’s widely recognised brand, the hoax report claims experts at the Australian “agency of volcanology and seismology” predicted an earthquake “measuring 7 degrees” and a tsunami that would hit Australia at the year's end, causing 50,000 casualties.

A second “natural disaster agency” did not warn Australians of the impending disaster to “avoid panic” among citizens, the hoax claims.

The spam encourages recipients to click a “watch this” button to view a “leaked video” that supposedly confirms the agency's tsunami fears. Clicking it in fact installs a remote access tool (RAT) known as Arcom, according to an analysis by security vendor Trend Micro.

RATs offer their controllers the ability to remotely spy on or steal information from the target, and this particular tool is offered to online crime groups for $2000, the vendor said.

The “watch now” button downloads a file that purports to be an audio-visual file (AVI), but is actually a backdoor that installs the RAT.

Queensland-based Brett Christensen posted a warning about the malware at the Hoax-Slayer blog last week and handed a sample to Trend Micro.
