A Virtual Card for You

By Jimmy Daniels
Contributing Writer, RealTechNews

Holy sh*t Batman, Internet hoaxes can come true, sort of. From the Batcave, the researches at Facetime have found another instant messenger worm making the rounds, W32Heartworm.A. As anyone who has been online very long, there are lots of hoaxes out there, trying to get users to flood the internet with useless email traffic, but this bit of malware is looking to take advantage of one such hoax, A Virtual Card for you. In this one, the bad guys pop up a window to the fake virtual card hoax while tying it in to a real virtual card exploit.

I asked Wayne Porter, Senior Director of Special Research (a new division I can’t comment on) for his opinions given his background studying memetic engineering. “This is a cultural camouflage approach which we call “hoax cloaking”. It is a defensive construct that adopts the very lore, memes and culture of the Internet to serve as a self-preservation and cloaking mechanism, much like the advanced construction of a “media virus”.

For example, a natural response from a user might be to Google “A Virtual Card For You” to see if the card is an exploit or safe. At the moment Google, a trusted search engine, returns results from respected and trusted security companies like Sophos, Symantec, Mcafee, Trend Micro, and F-Secure all warning this is a hoax and the rest of the sites are very well known and trusted hoax busting sites. The criminal taps into three layers of trust using a hoax which is pretty sophisticated behavior and pretty rarely seen. Source: Spywareguide.com

We Say: As these instant messaging worms and exploits get more sophisticated, we are more and more in need of companies like AOL, MSN, Google, ICQ to block these exploits from the network, and catch them all. Even experienced users can get caught, we’ve all been doing something on the Internet and up pops an instant messaging box and steals the focus, so no one is immune.