Symantec has discovered a new attack of the Trojan.Swort, spread via MERS-themed emails. MERS stands for Middle East Respiratory Syndrome – a respiratory virus that is new to humans. The exploitation of the MERS theme is likely provoked by the recent increase of cases in South Korea. Taking advantage of viral outbreaks is not new to attackers. A similar email campaign ‘inspired’ by the Ebola virus was spotted last year.
Symantec Report on Trojan.Swort
Trojan.Swort is a Trojan horse with a low risk level. It has been discovered on October 24, 2014, and is recently revived in the MERS-theme malicious email campaign. As stated by Symantec, Trojan.Swort must be executed manually. After its execution, the threat downloads arbitrary code and compromises the system’s security. Trojan.Swort affects the following Windows versions:
→Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP
Specifications of the MERS-themed Malicious Email Campaign
As already mentioned, the dangerous virus has immersed in South Korea. More than 100 people have been contaminated, and an additional 2,000 patients have been put under quarantine.
Just recently, Symantec has gathered a malevolent sample from external sources, discovering that the threat has been spreading via emails. The file itself is an .exe file that imitates a Microsoft Word document. Interestingly enough, the file name is written in Korean and is translated as it follows:
→“MERS_List of hospital and infected patient.docx.exe”
Fortunately, the campaign is far from sophisticated and is a simple Trojan downloader known as Trojan.Swort. Symantec researchers have reported that the configured remote host is not responsive. Similar attacks may reoccur since the MERS threat is rapidly becoming a global problem, currently affecting Asian countries.
Trojan.Swort Removal Options
Security researchers remind users to be very careful when opening emails from unknown sources. Frequently updating the anti-malware solution is a crucial safety tip. In case users want to be sure that their computers have not been affected by Trojan.Swort, running a full system scan is highly recommended.
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter