Fake Prez. Campaign Video Spreads Malware
Spammers are taking advantage of public awareness about the U.S. presidential race to trick people into installing malicious software. A recent blast of spam purports to contain links to a video of Sen. Hillary Clinton (D-N.Y.) on the campaign trail, links that in fact lead to software that tries to turn the viewer's PC into a spam-spewing zombie.
The spam campaign, detailed in a brief writeup by researchers at Symantec Corp., encourages recipients to click on a link to download a video interview with Clinton. The link actually fetches a Trojan downloader, which in turn tries to pull down another nasty file that installs a rootkit -- a package of tools designed to hide malicious files on the system and prevent their removal. The malicious program also contacts several different Internet servers for instructions to enlist the victim's PC's help in future spam campaigns. Symantec detects this threat as Trojan.Srizbi.
Zulfikar Ramzan, a senior principal researcher at Symantec, said that when a user hovers the mouse pointer over the link to the fake Clinton video, it looks as though it will take the visitor to a Google search result. In fact, Ramzan said, the link uses special Google search terms to redirect anyone who clicks through to the attacker's site, which tries to push down the Trojan.
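Because the link described above shows a trusted search-engine host on hover, a mail filter that allow-lists links by host alone would pass it. The following sketch is an added example, not code from Symantec or from the original post. It pulls links out of an HTML mail body and flags any that land on a search endpoint rather than on content, so an analyst can review the query. The host and path lists and the sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

# Assumption: hosts and paths treated as search-result endpoints by this filter.
SEARCH_HOSTS = {"google.com", "www.google.com"}
SEARCH_PATHS = {"/search", "/url"}

class LinkCollector(HTMLParser):
    """Collect (href, anchor text) pairs from an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def flag_search_links(html_body):
    """Return one finding per link that points at a search endpoint with a query."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        url = urlsplit(href)
        host = (url.hostname or "").lower()
        if host in SEARCH_HOSTS and url.path in SEARCH_PATHS and url.query:
            params = parse_qs(url.query)
            findings.append({
                "text": text,                       # what the recipient sees
                "host": host,                       # what hovering shows
                "query": params.get("q", [""])[0],  # search terms to review
                "extra_params": sorted(k for k in params if k != "q"),
            })
    return findings

# Constructed sample message; example.org is a placeholder domain.
SAMPLE = ('<p>Watch the interview: <a href="http://www.google.com/search'
          '?q=campaign+video+interview&amp;hl=en">Campaign video</a> '
          '<a href="http://news.example.org/story.html">Unsubscribe</a></p>')

if __name__ == "__main__":
    print(flag_search_links(SAMPLE))
```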
Back in 2007, when security experts were queuing up to predict security threats that would emerge in 2008, many -- including Symantec -- warned that we'd see scammers using the presidential campaigns as bait. But this isn't exactly the first time this election cycle that a presidential candidate's campaign has been connected with malicious software attacks. In October, millions of spam e-mails were blasted out promoting the candidacy of Texas GOP hopeful Rep. Ron Paul. Researchers at Atlanta-based SecureWorks later tied that spam run back to a network of PCs that had been infected with the very same Trojan horse program used in this latest attack -- our friend Mr. Srizbi.
Coincidence? You decide. But at least the bad guys aren't singling out one particular political party over another. So far, we haven't seen malware attacks apparently designed to disrupt a U.S. election, but the potential for such activity certainly exists (political phishing, anyone?), particularly if candidates aren't taking precautions to ensure that their online fundraising systems can't easily be abused by credit card thieves.
February 14, 2008; 4:50 PM ET
Categories: Fraud, From the Bunker, Latest Warnings, Safety Tips, U.S. Government