Spam Unleashed Exploiting Osama bin-Laden’s Assassination
Cyber-criminals reportedly are unleashing malware scams by exploiting the hot news of the assassination of Osama bin-Laden on May 1, 2011 via a Navy SEAL action of the United States inside an extravagant fortified house situated in Abbottabad (Pakistan), highlight security researchers and which EWeek.com published on May 8, 2011.
Citing an example, the researchers from F-Secure an anti-virus software company caution that malevolent spam campaigns are targeting several U.S government departments utilizing the theme of Osama bin-Laden's killing.
With the header "Courier who led U.S to Osama bin-Laden's hideout identified,' the malicious electronic mails contain a plain standard phrase "to whom it may concern."
There is also a file named Laden's Death.doc" attached in the e-mails that say the researchers contains an RTF attack code exploiting the CVE-2010-333 vulnerability of the heap overflow kind that Microsoft fixed during November 2010 with a patch.
Earlier also similar assaults exploiting the vulnerability were to occur during December-end 2010, Microsoft had warned.
Meanwhile, in the current instance, one sanitized file is also attached, which acts harmless for preventing any possible suspicion as it provides details of Abu Ahmad al-Kuwait, the individual who understandably showed the way to US intelligent agents where Osama bin-Laden stayed hidden.
States F-Secure that when the assault within the above instance worked out effective it planted a Protux Trojan variant that is a backdoor letting access to the infected PC and controlling it from the remote.
Remarked Chief Research Officer Mikko Hypponen for F-Secure that he thought the malicious bin-Laden campaigns would go on for months, thus published Reuters.com in news on May 4, 2011.
Apparently, PC-hackers design such assaults for exploiting different kinds of ongoing news. Consequently, scams of similar kinds were unleashed around the marriage ceremony in the British royal family, the World Cup football game and the Japanese tsunami, note the researchers.
Said Chief Security Officer Jeff Moss for ICANN (Internet Corporation for Assigned Names and Numbers), cyber-criminals forever were prepared with something to unleash lest an opportunity emerged. For, incidences like a tsunami, an earthquake or food scarcity was always there, Moss said in conclusion.
Related article: Spam Scam Bags a Scottish Connection
» SPAMfighter News - 14-05-2011