According to security firm SophosLabs, the site exploits Internet Explorer vulnerabilities to install any number of Trojans, including Cgab-A, Borobot-P, Borobot-Q, Borodldr-H and Inor-R.
Websense Security Labs reports that the Katrina-inspired email scam also has the capability to download a second malicious file, which also is a Trojan. The second Trojan fools users into receiving a free scan for the Zotob worm, when in fact the program infects the users’ computer and allows hackers to take control of the PC.
The malware site is reportedly hosted in Poland. Typical subject lines contain lures such as: "g7 80 percent of our city underwater" or "q1 Katrina killed as many as 80 people."
Other similar malware attacks taking advantage of worldwide disasters came on the heels of last year’s tsunami, which struck Indonesia, and the recent terrorist train bombings in London.
Internet security firms have put out additional warnings to users in the wake of the Hurricane Katrina disaster to be wary of emails soliciting donations for flood victims. The SANS Internet Storm Center has warned that fake fundraising foundations can easily steal user names and passwords and install malicious software on their PCs.
"The hurricane is a dreadful natural disaster, and it's sickening to think that hackers are prepared to exploit the horrendous situation in an attempt to break into computers for the purposes of spamming, extortion and theft,” Graham Cluley of Sophos said. "Everyone should ensure they have defenses in place to properly protect against the very latest malware attacks."
