Fake Sex Scandal Spam Campaign Involving Barack Obama Spreads Malware
Websense Security Labs reports a new spam campaign that uses the US presidential election as a social engineering mechanism to install information-stealing code on a victim’s machine. Emails are circulating with fake news of a sex scandal affecting one of the candidates. Recipients of the email are encouraged to view a video supposedly involving the Democratic candidate Barack Obama. Users who click the link are shown a pornographic video and while the video plays for 14 seconds, malicious applications are installed on the victim’s machine.
The email encourages users to download and run an infected .exe file. MD5 of the Trojan Dropper is 26B861DF715549C537C28E4D60D8D0B7. The dropper installs 809.exe in the user’s Temporary Internet Files folder. Also a Browser Helper Object (BHO) named Siemens32.dll is registered. This is an information-stealing application that currently posts data to a compromised Finnish travel site.
The attack loads spyware onto compromised PCs. Once harvested, stolen information from infected PCs is posted to a compromised web server in Finland, controlled by unidentified hackers.
Virus writers regularly make up news stories or offer illicit clips of celebrities in order to bait malware attacks. Users should never click links in emails received from unknown address and instead, just browse to favorite news website, like CNN or Google News, for latest developments. Remember, if it looks like you have secret online friends who want you to see Obama’s sex videos first, it’ probably a virus.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.