(Bloomberg) -- Edward Snowden’s memoir “Permanent Record” is a best seller. Hackers are trying to cash in on it, too.
A type of malware called Emotet is being embedded in an email phishing campaign that offers Snowden’s book as an attachment. The spam email claims the former government contractor’s story has been banned, then encourages readers to download, read and share his book, according to Malwarebytes Inc., which analyzed the campaign in recent days.
But when a recipient clicks on the attachment, there’s no book. Instead, there’s a link that, if selected, buries malicious code into the unlucky clicker’s device. Malwarebytes said it discovered the emails in English, Spanish, German, Italian and French.
”It’s going to be pretty effective, especially since people might be tempted to open up the book for free,” said Jerome Segura, director of threat intelligence at Malwarebytes. “This one maybe more than others because it’s a smarter social engineering trick.”
Snowden, who remains in exile in Russia since using his National Security Agency clearance to expose state secrets in 2013, is being sued by the U.S. Justice Department for publishing the book without the agency’s permission. The U.S. has asked a federal judge to grant the government all of Snowden’s earnings from the book.
Emotet is typically used in tandem with other viruses to infect devices. Once infected, hackers will use additional malware to steal financial data or install ransomware. The Department of Homeland Security calls it “among the most destructive malware” on the internet.
To contact the reporter on this story: Kartikay Mehrotra in San Francisco at kmehrotra2@bloomberg.net
To contact the editors responsible for this story: Andrew Martin at amartin146@bloomberg.net, Jillian Ward
For more articles like this, please visit us at bloomberg.com
©2019 Bloomberg L.P.