Skip to main content

European car firms hit by email malware campaign

Automobile companies are being targeted by a new malware threat that is spreading like wildfire across Europe and stealing a wealth of sensitive information.

Related: The top 10 things you need to know about malware

Symantec reports that the spam campaign, known as Infostealer.Retgate or Carbon Grabber, is aggressively targeting automobile companies with malware that steals encrypted information such as user names and passwords.

“The malicious file will decrypt another executable from its body and inject code into Microsoft Outlook, Internet Explorer, Google Chrome, and Mozilla Firefox processes on the compromised computer. The malware hooks the browser APIs, allowing it to steal information before it is encrypted and sent out to the network,” explained a Symantec blog.

Companies are targeted by a malicious email that claims to be from German company Technik Automobile GMBH, which doesn’t actually exist, that offers to purchase used or pre-owned cars from the company involved. It points recipients to an attachment that claims to list the urgently required vehicles when it is in fact a malicious file that installs the Carbon Grabber malware.

Symantec reports that most of the victims are rental, insurance, commercial transport, and secondary market businesses for commercial and agricultural vehicles, with a wide range of other sectors also targeted.

Of those hit, 48 per cent are automobile firms and the companies are spread across Germany [38 per cent], Netherlands [31 per cent], Italy [24 per cent], and the UK [7 per cent].

Symantec blames the spread of the malware on the fact that only three per cent of companies that it recently surveyed ranked improved online security as high on the list of factors that are a priority.

To combat the threat Symantec recommends that companies keep security defences up to date and be cautious when opening any email attachments.