This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Rogue anti-virus prevalent on links that relate to Haiti earthquake, as donors encouraged to look carefully for genuine sites

Share this article:

The earthquake that hit Haitian capital Port-Au-Prince earlier this week has led to a huge rise in related malicious URLs.

Zscaler Research reported that only an hour after the 7.0 earthquake hit on Tuesday afternoon, there was a 1,578 per cent increase in URLs visited, with a corresponding 5,407 per cent increase in bandwidth usage for ‘Haiti' URLs.

On the malware front, it reported as seeing an increase in search engine optimisation (SEO) taking advantage of Haiti earthquake search terms to redirect visitors to rogue anti-virus download sites.

This was also echoed by security vendors. Websense Security Labs ThreatSeeker Network discovered that searches on terms related to the earthquake returned results that led to a specific rogue anti-virus program via maliciously engineered search results.

Three samples of malware were discovered, with two having 20 per cent anti-virus coverage and another having eight per cent.

Also, F-Secure reported that a link titled as ‘Haiti earthquake donate' leads to a website that installs a rogue into the system that it claims is supported by F-Secure.

Mathew Nisbet, malware data analyst at Symantec Hosted Services, noted an upturn in spam and poison search results designed to exploit individuals' generosity.

He said: “The humanitarian crisis caused by the Haitian earthquake has captured the world's sympathies and people are flocking to donate online. Sadly these are exactly the conditions that a cynical scammer would be looking to exploit, as the desire to help can often cloud a person's good judgement.

“They count on the public's good nature, concern and desire to help, and hope that they won't see through the scam email which they are reading.”

David Harley, director of malware intelligence at ESET, said: “It would be naive to contend that the security industry is entirely altruistic when it points to potential problems: we make our living from making people safer, or trying to. However, I'm not about to apologise for that any more than I expect my doctor to apologise for making his living out of accidents and diseases.

“You can be as cynical as you like about how successful we are, but most of the people I know in the industry aren't in it purely for the money. And the warnings I have been seeing about SEO poisoning, scams, malware, rogue AV and so on, may increase sales directly or indirectly, but if they do encourage people to help themselves by whatever means, surely that's a good thing?

“However, I've noticed several people in the industry or somehow connected to it taking what you might consider a more positive approach to evading some of these issues, by pointing to legitimate aid resources. As with other kinds of phishing, scamming and so on, you'll be much safer going to known legitimate resources than responding to unsolicited requests for help from unverified sources.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

NCA wants security pros to become cybercrime fighters

NCA wants security pros to become cybercrime fighters

The UK's National Crime Agency is on the hunt for cyber security professionals to "join the fight against some of the world's most significant cyber criminals" on salaries ranging from ...

GCHQ head says agency was 'never involved in mass surveillance'

GCHQ head says agency was 'never involved in ...

Sir Iain Lobban says GCHQ staff "are normal decent human beings who watch EastEnders and Spooks".

Apple Mac OS criticised for sending search results to third parties

Apple Mac OS criticised for sending search results ...

Apple is under pressure to make changes to the Spotlight feature on the new Mac OS X Yosemite 10.10, which tracks location and sends data back to the firm and ...