Edward Snowden’s memoir Permanent Record is a best seller. Hackers are trying to cash in on it, too.
A type of malware called Emotet is being embedded in an email phishing campaign that offers Snowden’s book as an attachment. The spam email claims the former government contractor’s story has been banned, then encourages readers to download, read and share his book, according to Malwarebytes Inc, which analysed the campaign in recent days.
But when a recipient clicks on the attachment, there’s no book. Instead, there’s a link that, if selected, buries malicious code into the unlucky clicker’s device. Malwarebytes said it discovered the emails in English, Spanish, German, Italian and French.
”It’s going to be pretty effective, especially since people might be tempted to open up the book for free,” said Jerome Segura, director of threat intelligence at Malwarebytes. "This one maybe more than others because it’s a smarter social engineering trick.”
Snowden, who remains in exile in Russia since using his National Security Agency clearance to expose state secrets in 2013, is being sued by the US Justice Department for publishing the book without the agency’s permission. The US has asked a federal judge to grant the government all of Snowden’s earnings from the book.
Emotet is typically used in tandem with other viruses to infect devices. Once infected, hackers will use additional malware to steal financial data or install ransomware. The US Department of Homeland Security calls it "among the most destructive malware” on the Internet. – Bloomberg
Did you find this article insightful?