Daily cyber threats and internet security news: network security, online safety and latest security alerts
September 9th, 2008

Fake Sex Scandal Spam Campaign Involving Barack Obama Spreads Malware

Websense Security Labs reports a new spam campaign that uses the US presidential election as a social engineering mechanism to install information-stealing code on a victim’s machine. Emails are circulating with fake news of a sex scandal affecting one of the candidates. Recipients of the email are encouraged to view a video supposedly involving the Democratic candidate Barack Obama. Users who click the link are shown a pornographic video and while the video plays for 14 seconds, malicious applications are installed on the victim’s machine.

The email encourages users to download and run an infected .exe file. MD5 of the Trojan Dropper is 26B861DF715549C537C28E4D60D8D0B7. The dropper installs 809.exe in the user’s Temporary Internet Files folder. Also a Browser Helper Object (BHO) named Siemens32.dll is registered. This is an information-stealing application that currently posts data to a compromised Finnish travel site.

The attack loads spyware onto compromised PCs. Once harvested, stolen information from infected PCs is posted to a compromised web server in Finland, controlled by unidentified hackers.

Virus writers regularly make up news stories or offer illicit clips of celebrities in order to bait malware attacks. Users should never click links in emails received from unknown address and instead, just browse to favorite news website, like  CNN or Google News, for latest developments. Remember, if it looks like you have secret online friends who want you to see Obama’s sex videos first, it’ probably a virus.

Share this item with others:

More on CyberInsecure:
  • Spam Promoting Obama’s Video Confessions Installs Trojan
  • Another Round Of Fake Breaking News Spam Installs Malware
  • After Election: Files Stolen In Obama And McCain Campaigns Cyberattack, Obama-themed Malware Makes Rounds
  • Hacked Obama Site Redirects Visitors to Clinton’s Site
  • Tweeter Support Compromised By Hackers, 33 Accounts Hijacked And Temporarily Suspended

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Fake Sex Scandal Spam Campaign Involving Barack Obama Spreads Malware

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.