E-mail Scams Using Obama’s Name, Drop Trojans
According to the news from Government Technology published on November 5, 2008, hackers have launched a new campaign to spread malware that uses the name of President-elect Obama. A fake e-mail is circulating showing subject lines like "Obama win preferred in world poll" and posing to be sent from firstname.lastname@example.org.
Security experts state that on opening the e-mail, a link takes the recipient to a video that apparently contains a speech of the President-elect. But when any user clicks on that link in order to watch the video, a Website appears that asks the user to download Adobe Flash 9. However, the file is actually a fake version of Flash that installs a malicious Trojan on the victim's PC and attempts to steal personal information like passwords and credit card details.
Furthermore, SophosLabs has recognized the Trojan as Mal/Behav-027 and stated that it was responsible for 60% of the destructive spam recorded in just one hour. It further said that the program could infect computers by hijacking data and also steal their users' identity.
Meanwhile, the experts have also highlighted certain features of the malicious Trojan. They say the malware uses rootkit technology for concealing itself, and also features the 'backdoor' functionality. Apart from this, it monitors the user's keyboard and mouse movements as well as takes screenshots. Finally, it has been found that the Trojan transmits the stolen data to a server situated in Ukraine.
Also, according to another security company Websense, there are several forms of malevolent e-mails circulating with lures that promise video clips of interviews with Obama's advisers along with parts of his speech of acceptance. Again, clicking on the links provided in the e-mails results in computer infection with data-stealing malware. Few e-mails even use reputable publishing brands like La Republica and Time magazine in their caption as a way to encourage recipients to open the links.
Security experts state that prior to the election, e-mail scammers misappropriated Obama's name to trick recipients. Thus, in September 2008, e-mails flooded inboxes posing to present an Obama sex video which is in fact contained a Trojan.
Related article: E-Crime Reporting Format To Be Launched in July
» SPAMfighter News - 20-11-2008