Rogue anti-virus prevalent on links that relate to Haiti earthquake, as donors encouraged to look carefully for genuine sites

The earthquake that hit Haitian capital Port-Au-Prince earlier this week has led to a huge rise in related malicious URLs.

Zscaler Research reported that only an hour after the 7.0 earthquake hit on Tuesday afternoon, there was a 1,578 per cent increase in URLs visited, with a corresponding 5,407 per cent increase in bandwidth usage for ‘Haiti’ URLs.

On the malware front, it reported seeing an increase in search engine optimisation (SEO) that takes advantage of Haiti earthquake search terms to redirect visitors to rogue anti-virus download sites.

This was also echoed by security vendors. Websense Security Labs ThreatSeeker Network discovered that searches on terms related to the earthquake returned results that led to a specific rogue anti-virus program via maliciously engineered search results.

Three samples of malware were discovered, with two having 20 per cent anti-virus coverage and another having eight per cent.

Also, F-Secure reported that a link titled ‘Haiti earthquake donate’ leads to a website that installs a rogue on the system, which it claims is supported by F-Secure.

Mathew Nisbet, malware data analyst at Symantec Hosted Services, noted an upturn in spam and poison search results designed to exploit individuals' generosity.

He said: “The humanitarian crisis caused by the Haitian earthquake has captured the world's sympathies and people are flocking to donate online. Sadly these are exactly the conditions that a cynical scammer would be looking to exploit, as the desire to help can often cloud a person's good judgement.

“They count on the public's good nature, concern and desire to help, and hope that they won't see through the scam email which they are reading.”

David Harley, director of malware intelligence at ESET, said: “It would be naive to contend that the security industry is entirely altruistic when it points to potential problems: we make our living from making people safer, or trying to. However, I'm not about to apologise for that any more than I expect my doctor to apologise for making his living out of accidents and diseases.

“You can be as cynical as you like about how successful we are, but most of the people I know in the industry aren't in it purely for the money. And the warnings I have been seeing about SEO poisoning, scams, malware, rogue AV and so on, may increase sales directly or indirectly, but if they do encourage people to help themselves by whatever means, surely that's a good thing?

“However, I've noticed several people in the industry or somehow connected to it taking what you might consider a more positive approach to evading some of these issues, by pointing to legitimate aid resources. As with other kinds of phishing, scamming and so on, you'll be much safer going to known legitimate resources than responding to unsolicited requests for help from unverified sources.”
