Google’s new online collaborative space, Google Wave, is being used as bait by malware writers to spread Trojans. The exclusivity of the service in its current form as a limited preview renders anything or anyone offering access to it attractive. Since membership is on an invitation-only basis, cyber criminals have used fake tools which supposedly generate invitations to install Trojans on the PCs of unsuspecting users.
The glut of new Trojans riding on the back of the popularity of Google Wave was identified in a recent report released by Symantec. The Trojan is based on the Xrumer spam tool and is spread through social networking sites, forums and of course email. Disguised as a program that will automatically gain the user multiple invites to Google Wave, it plays on individual greed by suggesting that the recipient might sell on the invitations. Once the tool is downloaded and installed, a compromising back door is left behind, leaving the infected PC open to attack and control by a third party.
The use of Google Wave by malware writers is symptomatic of a larger problem. Criminals have been using the internet to exploit trends and popular services to their own ends and this practice is made still easier thanks to the availability of trend and keyword-tracking sites.
The implied security and confidence which accompanies the Google brand name is seen to be the key component behind the success of such spam and malware campaigns. Symantec’s Patrick Fitzgerald reaffirmed that such attacks rely upon both the popularity of the service and the associated power of the brand behind it. In this case, Google has created what could be the next generation of online collaborative communication networks and has intensified public interest by restricting access. Criminal exploitation of a widespread desire to access Google Wave through deals which appear too good to be true has proven to be worryingly easy. As always, the success of these endeavours relies upon the greed of the individual and vigilance against such malware is essential. Ultimately, protection is as simple as remembering to only trust content from official sources.
