Presidential Elections Followed with Malware Attacking Venezuelans

According to Kaspersky Labs the company offering digital security, one fresh PC-virus has been detected that attempts at capturing the Internet credentials of Venezuelans through one web-link, which pretends to provide details regarding the just concluded election for the country's president.

Head of the Research and Analysis Team Dmitry Bestuzhev at the Moscow-situated Kaspersky said in Latin America that perpetrators of the malicious program unleashed it following the presidential election on October 7, 2012 in Venezuela while disseminating it through e-mail. Businessweek.com published this dated October 12, 2012.

Bestuzhev also said that a minimum of 75 customers of Kaspersky as well as others became the malware's target.

According to him, the malware's filename had been called 'listas-fraude-electoral.pdf.exe' that in English meant 'electoral fraud lists.' Clearly, the nomenclature was likely to get a few citizens of Venezuela inquisitive enough following the re-electoral victory of President Hugo Chavez.

The Expert elaborated that potential victims got an e-mail having one web-link embedded. Suppose that web-link was clicked, it would divert the user onto one bogus site that posed as being from 'Globovision' a TV channel of Venezuela.

Interestingly, the malware recognized to be Trojan.Win32.Agent.uael has been created to target Venezuela government employees in addition to routine Internauts.

No sooner is the Trojan planted on a PC it deactivates the UAC (User Account Control) of the OS (operating system). Consequently, the cyber-crooks are facilitated with executing administrative commands devoid of any restriction whatsoever.

Thereafter, the Trojan remains quiet till the victim goes to one website from the total 5, each of a Venezuelan bank. And upon accessing that website, the victim gets led onto one malevolent host where theft occurs of his Internet banking credentials.

Eventually, Trojan.Win32.Agent.uael seizes the login details belonging to government employees after they log into the www.cadivi.gob.ve site which's of The Commission of Currency Administration. Since this Commission provides administering service for legitimate currency transactions inside Venezuela it isn't unnatural for the agency's employees getting attacked.

Conclusively according to Kaspersky, the malicious program getting utilized within the assault has presently been caught via 17 anti-virus engines of the total 44 of ViusTotal.

Related article: Presidential Candidates Spamming Voters

» SPAMfighter News - 10/25/2012