Hackers Spread Malware Using Saddam-Related Themes
E-mail messages with Trojan horses have been circulating that claim to contain video shots of Saddam Hussein's execution, said Finnish security company F-Secure in its press release on Monday. Typical hustlers and cyber criminals carried out this tactic believes F-Secure. The company said it was not surprised that such a malicious Hussein spam appeared.
So far, F-Secure has identified three separate items of malware constructed around a Saddam Hussein theme. Two of them - Banload.bsw and Banload.bsx pretend to be displaying a YouTube search result page that provide hits relating to a Portuguese keyword "enfarcado" meaning execution. All the three codes are actually trojans that install a spyware keylogger that capture passwords of online bank accounts.
F-Secure's chief research officer Mikko Hypponen said on the company blog that they have, until now, seen three different pieces of malware with themes relating to Saddam. They have detected them as W32/Banload.BSW, W32/Banload.BSX, and Trojan-downloader.Win32.Delf.acc.
Earlier too scammers have been using Saddam theme several times.
In February 2005, worm loaded e-mails that supposedly included photos of Saddam Hussein killed while attempting to escape, circulated to hack PCs. The spam mails generated by the Bobax.h worm appeared with subject head being "Saddam Hussein - Attempted Escape, Shot Dead Attached some pictures that I found."
The attached file, however, was nothing but a worm, which on clicking spread to other PCs. Then after disabling anti-virus and security programs, it dropped an e-mail relay module, which remote hackers used to send spam.
Soon after that a Nigerian spam occurred. The fraudsters tried to fool recipients into giving away money by presenting a portion of Hussein's private fortunes in exchange of hiding large volumes of cash in British bank accounts.
After Hussein's execution on December 30, 2006 somebody captured the former Iraqi dictator's execution on a cell phone camera and distributed it widely on the Internet and through mobile networks.
Worm writers who have in the past used renowned names; politicians like Bill Clinton to celebrities such as Jennifer Lopez as baits have now done the same with 'Saddam Hussein' to commit identity fraud by luring users into opening attachments.
Related article: Hackers Redirect Windows Live Search to Malicious Sites
» SPAMfighter News - 17-01-2007