This news item reinforces the view that attackers will use just about anything to further their malicious aims.
After the Charlie Hebdo attack in Paris last week, the hashtag #JeSuisCharlie began trending and became a display of solidarity.
However, along with journalists, malware organizations are also following this viral trend with great enthusiasm, as it gives them another promising way to spread malware far and wide.
According to Hugh Thompson, Security Chief at the security firm Blue Coat, malware organizations seized this opportunity within 24 hours.
Thompson revealed that “These malware organizations can pivot very quickly. The infrastructure they’ve built out is very dynamic. These folks are definitely predators.”
Ashwin Varnshi from Blue Coat described in his blog post that particularly troublesome is the malware called DarkComet RAT, which has greatly benefited from the Charlie Hebdo disaster.
One example of this trend is an apparently innocuous picture of an infant wearing a wristband that reads “Je Suis Charlie.”
When a user downloads this image, a message window pops up in French stating that the picture was created in an earlier version of MovieMaker.
Actually, the downloaded image file compromises the user’s security through a remote access toolkit.
This toolkit gives the hacker full control over the user’s device and it becomes easy to send out spam, conduct a personal attack or distribute malware.
Thompson likens these malware organizations to city street vendors trying to take advantage of every single opportunity that comes their way.
He says it is like selling umbrellas when it is raining today and water bottles on a warm day tomorrow.
“They’ve got this infrastructure that’s ready to roll,” Thompson says.
Why Are These Attacks Effective?
Earth-shattering events like the one that happened at the Charlie Hebdo office “put people off-kilter” and can easily disrupt their usual security caution, says Thompson.
These attacks are not in any way a propaganda attempt to send out political messages; they are an attempt to capitalize on the emotional state of the public after an event of this stature.
What is DarkComet?
It is malware originally created by a French hacker, DarkCoder SC, and its attacks very often cross national borders.
For instance, after the Haiti earthquake, hackers exploited the public's eagerness to help the affected populace by putting up fake links for making donations to the Red Cross.
Similarly, when the Ebola virus erupted, malware firms exploited the public’s fear with infected links to dramatic news stories.
According to Thompson, “In this case, there’s a lot of shock that the world experienced around [the Charlie Hebdo shooting], and then there’s a lot of solidarity that came out as a result.”
Blue Coat has shared the information about DarkComet malware with French experts.
However, the security firm claims that this is just one discovery among numerous such cyberattacks directed at France since last week.
The French army’s head of CyberDefense, Adm. Arnaud Coustilliere, explained on Thursday that almost 19,000 French websites have been hit by cyberattacks since January 7.
Coustilliere believes that these attacks are minor in nature, but that the country for “the first time has been faced with such a large wave of attacks.”
Considering this information, Thompson warns people to follow regular internet security practices, such as ignoring such links, for their own protection.
Thompson further asserts that it is important to beware of malware distributors as they will try to benefit from every global tragedy.
Varnshi says: “There really is nothing so sacred that bad people won’t try to exploit it.”