Malware Translates to Local Language

Tuesday, May 20, 2014 @ 06:05 AM gHale

There is a new variant of the worm known as VOBFUS that is very fluent in the languages of the operating system.

Similar to older versions, WORM_VOBFUS.JDN spreads by copying itself to removable drives as executable files. However, unlike previous variants, the latest VOBFUS names the files depending on the operating system language of the targeted computer, said researchers at Trend Micro.

Malware Attack Approach: Deceptive Tactics
Top Q1 Mobile Threat Target: Android
Firms Watch Data Walk Out the Door
Security and Safety: Perfect Together

Uses who speak English will see files named something like “I love you.exe,” “Naked.exe,” “Password.exe,” “Sexy.exe,” and “Webcam.exe.”

If the operating system is set to another language, the monikers end up translated. The worm can target speakers of the following languages: English, Indonesian, Arabic, Chinese, Bosnian, Czech, Croatian, German, French, Hungarian, Korean, Italian, Polish, Persian, Romania, Portuguese, Thai, Spanish, Slovak, Vietnamese and Turkish.

“Infection by way of ‘localized’ threats could be seen as one way for cybercriminals to transform unsuspecting users into victims,” said Mark Joseph Manahan, a threat response engineer at Trend Micro in a blog post.

“Seeing a file or a notification written in their language might pique users’ interest more than seeing one written in English. Users may also find a false sense of security in these ‘localized’ files and notifications as they might view these as less suspicious than other files.”

One Response to “Malware Translates to Local Language”

  1. […] Fuentes: Malware traduce amenazas según el idioma local (en inglés), portal Industrial Safety and Security Source, 20 de mayo de 2014. […]

Leave a Reply

You must be logged in to post a comment.