Arguably a small niche group, speakers of the Irish tongue do tend to be tech-savvy given their status as protectors of Irish culture. Many are involved in community activism and academic study around linguistics. These Gaeilgeoirs, however, will probably not find the culprit among them. The virus, called Gaeilge, uses commands that appear to have been poorly translated into Irish. Only about 60% of the message was intelligible.
According to the Donegal Daily website, the targeted user discovered that his computer was locked, and subsequently received a pop-up message warning he may have accessed pornography, so the computer had been frozen by an Irish Government agency. He was then told to pay a €100 fine to have his computer unlocked.
“It’s quite a sophisticated and convincing scam,” said Brian McGarvey, computer technician with Techie2u, speaking to the Irish Times in a subject matter expert capacity. He has been working with computers for 12 years and says that this is the first time he has run across an Irish-language virus. “It has a logo which features an Irish flag and it looks quite official.”
While targeting such a niche population may seem more like sport than actual mal intent, security firm FireEye has found that limited-use domains are on the rise. In 2011, it was common for a link to a malicious domain to be sent out en masse, 10,000 e-mails at a time in some cases. But so far in 2012, cybercriminals are sending a mail with a link to a site tailored for just one organization, or a small group, say three people.
The use of dynamic, throw-away domains has grown from 38% in the second half of 2011 to 46% in the first half of 2012.
“You can research one organization, and be more effective,” explained FireEye researcher Ali Mesdaq. “Rather than taking a shotgun approach, these people are looking for specific data from a specific company. It’s a higher reward undertaking.”