CIO Today HOME LATEST NEWS NEWSLETTERS SEARCH Search
  LATEST NEWS FOR SATURDAY MARCH 25

Close Search Box
CIO Today
NETWORK SECURITY
Obama, McCain Used in Malicious Spam Attacks
Posted November 6, 2008
Obama, McCain Used in Malicious Spam Attacks
Next Story
EARLIER
Adobe Reader Patch Fixes Remote-Control Vulnerability
THIS STORY
Obama, McCain Used in Malicious Spam Attacks
Next Story
LATER
Researchers Crack WPA Security for Wireless Networks
YOU ARE HERE:   HOME arrow NETWORK SECURITY arrow THIS STORY
NEWS OPS

By Jennifer LeClaire. Updated November 6, 2008 9:58AM

SHARE

ALSO SEE

Security research firm Sophos on Wednesday discovered attackers have launched their own presidential campaign. Attempting to exploit President-elect Barack Obama's historic victory, the spam attack sends e-mails with the subject line "Obama win preferred in world poll" and a return address of news@president.com.

Clicking a link in the e-mail takes victims to a Web page that insists on downloading Adobe Flash 9 to view a video of the first African-American president's "amazing speech." The scam is this: It's not really Flash. It's dangerous malware.

Victims who download get a Trojan horse that Sophos has labeled Mal/Bahav-027. PC users infected with this malware could find their data compromised or have their identity stolen.

Anatomy of Obama Malware

Sophos has identified some key characteristics of the Trojan. The malware contains rootkit technology that allows it to remain hidden. It's designed to steal information from an infected computer. And it has a general backdoor functionality.

If that doesn't sound bad enough, this malware also has the ability to record keyboard and mouse inputs and can take screenshots. It looks for passwords, and it submits the information to a Web server in Kiev, Ukraine.

This isn't the first time attackers have tried to exploit Internet users during the presidential race. In September, hackers targeted Windows users with an e-mail claiming to contain a sex video of Obama.

Stop Clicking Links

It's not surprising that cybercriminals take advantage of the world's biggest news stories as an obvious trigger for people to open e-mails or click links, according to Graham Cluley, a senior technology consultant at Sophos.

"In many ways, this campaign is identical to past attacks which have pretended to link to sexy videos of Britney Spears, Paris Hilton or Angelina Jolie," he said. "It's just that this time they chose the next leader of the USA -- who is probably the biggest celebrity on the planet right now -- rather than a female starlet."

Cluley recommends people keep security software up to date, but he said Internet users also need to learn to think twice before clicking on links in unsolicited e-mails. Internet users, he continued, also need to realize that they should go directly to a vendor's Web site to download extensions like Adobe Flash rather than trusting a link on an unknown Web site.

McCain Dies of Heart Attack?

On Thursday, Sophos reported yet another presidential campaign-related attack. New spam campaigns are promoting an online Canadian pharmacy using sensational subject lines about both Sen. John McCain and Obama.

Those subject lines claim to have news about McCain's wife in a private video, McCain dying of a heart attack, and Obama and McCain being killed.

The spammers are trying to get Internet users to open their e-mail so they can advertise Viagra. But the spammers didn't even spell the names of the campaign rivals correctly -- perhaps, Cluley said, to evade spam filters.

"Claiming that Barack Obama and John McCain have died, or that Cindy McCain has been exposed on video, takes a truly sick mind," Cluley said. "Would you really want to buy anything from the kind of pond life behind these e-mails?"

Tell Us What You Think
Comment:

Name:

MORE IN NETWORK SECURITY

Next Article >

INSIDE CIO TODAY NETWORK SITES SERVICES BENEFITS