Gamarue Malware spreading in India: Trend Micro

November 26, 2012

Trend Micro has reported that the hotel booking spam has made its way into Indian users’ inboxes.

As per the infection statistics, 1.89 per cent of Indian Internet users have already been affected. The email, purporting to come from a hotel, has a similar theme to its English counterpart: it contains confirmation and details of an alleged booking reservation.

Gamarue is a family of malware that may be distributed by exploit kits, spammed emails or other malware, and has been observed stealing information from an affected user.

One of Trend Micro’s managers received the email at his personal address and almost fell for it, given that he travels a lot, until he noticed the address of the hotel. It’s too bad the spammers aren’t as good with geography as they are at making spam: the actual hotel does not exist in India. While he was initially looking forward to staying at the hotel, having read the excellent reviews on TripAdvisor, the email made it clear that this was, unfortunately, a scam. Fortunately, the attachment was already flagged and detected by Trend Micro as BKDR_ANDROM.P.

“A lot of e-commerce websites pay the price of being popular. The online travel and hotel market has become an attractive target for cybercriminals given the large volume of transactions on hotel and online sites. A frequent traveler who has done a hotel booking or checked reviews recently, in all probability, would be prompted to click that mail. When a user clicks the attachment in this spam mail, the malware known as Gamarue becomes active. It can steal from an affected user any information left behind on the emails and saved on the user’s system,” said Suchita Vishnoi, Head Corporate Communications, Trend Micro.

The sophistication and persistence of cyber crimes today have increased significantly. Simple measures like installing foolproof software and using secure websites help curtail the menace of cyber threats. Just stop and think before you click on any links or attachments. Trend Micro Smart Protection Network already blocks the related domains and links, and blocks the particular email from even reaching users’ inboxes. It also detects the files as BKDR_ANDROM.P and deletes them.
