Skip to main content

Stormy Halloween as hackers try to infect PCs with dancing skeleton

IT security and control firm Sophos has warned that a cyber criminal gang is attempting to hijack the Halloween festivities to infect the PCs of innocent computer users.

Malicious spam emails sent across the internet direct internet users to a Halloween-themed website offering a download of a dancing skeleton game, but really designed to install a Trojan horse that gives hackers remote access to the PC.

Emails containing the malicious links have a variety of subject lines including the following:

Happy Halloween

Dancing Bones

The most amazing dancing skeleton

Show this to the kids

Send this to your friends

Man this rocks

"This is just the latest incarnation of the poisoned ecard attack (also known as Storm) which has dominated the malware scene for months. The gang responsible are experts at choosing topical disguises or crafting alluring emails that the unwary may find difficult to resist," said Graham Cluley, senior technology of consultant. "What's even more frightening is that when innocent users click to see the skeleton dance, the site also plays The Vengaboys song 'Boom boom boom boom'. The good news is that advanced IT security defences are able to stop an attack like this dead in its tracks."

Sophos experts note that this is not the first time that the gang behind the current attack have used festivities to spread their malware. In July, the hackers sent round messages posing as American Independence Day greetings and distributed malicious "Happy Labor Day" messages in September.

Désiré Athow
Contributor

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at ITProPortal.com where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.