Network News

X My Profile
View More Activity

Malware Piggybacks on Obama Win

Cyber criminals are blasting out massive amounts of spam touting a video of President-elect Barack Obama's victory speech. Recipients who click the included link are taken to a site that prompts visitors to install an Adobe Flash Player update. The bogus update, however, is actually a data-stealing Trojan horse.

obamamal.jpg

The messages, with such subject lines as "election results winner," and "the new president's cabinet?", and "fear of a black president," direct recipients to a site featuring a picture of Obama beneath an official U.S. government seal and the domain name america.gov (the real domain names used to host these fraudulent sites appear to differ from message to message). Beside Obama's visage is an embedded video player that reads "loading player." A few seconds after the site loads, the visitor is prompted to download the malware, disguised as "adobe_flash9.exe".

Anti-virus firm Sophos says this piece of malicious software represents as much as 60 percent of all the malicious spam seen in their labs today. According to an analysis by computer security software maker F-Secure Corp., the malware is a data-stealing Trojan horse that uses a rootkit to hide itself on the host PC.

Patrik Runald, chief security advisor at F-Secure, said detection of the malicious plug-in by various anti-virus engines is sorely lacking at the moment. According to a scan of the malware at Virustotal.com -- which scans any submitted files against three-dozen anti-virus products -- only 14 out of 36 products detected the file as hostile.

"This is not a big surprise, but it was done relatively quickly [after the election]," Runald said of the e-mails advertising the malware sites, which first went out around 10 a.m. PT today. "I'd say this will be fairly successful, given that a lot of people are interested in the election, obviously."

If you receive any of these messages, please just delete them. While it's nice that this scam actually purports to offer the latest, most secure version of Flash, this kind of ploy is further evidence of why it's always a good idea to avoid updating your software and browser plug-ins from anywhere but the software vendor's official Web site.

By Brian Krebs  |  November 5, 2008; 2:12 PM ET
Categories:  Fraud , Latest Warnings , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Adobe Issues Critical Acrobat, Reader Updates
Next: Researchers Hijack Storm Worm to Track Profits

Comments


/////////////////////////////////////////

THE WASHINGTON POST HAS PULLED OVER 20 COPIES OF THE FOLLOWING POSTING FROM OBAMA VICTORY ARTICLES COMMENTS SECTIONS.

////////////////////////////////////////////

THUS THE WASHINGTON POST HARDLY HAS THE CHARACTER OR INTEGRITY OF EITHER CANDIDATE
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

/////////////////////////////////////////


CONGRATULATIONS MR PRESIDENT & COMMANDER-IN-CHIEF

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

DID BARACK OBAMA RECEIVE A ++++ MANDATE ++++ TONIGHT ???????

///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

YES AND NO

President-elect Obama CLEARLY changed history tonight by becoming America's first African-American President and arguably that would not have occurred as it did without a mandate.

THE ECONOMY

Be it Joe the Plumber or most other Americans, the vast majority of Americans have lost much from any existing retirement accounts and any real estate or stock investments. Obama received a mandate to correct that, but there was not the degree of cohesion across the board as to HOW that was to be accomplished.

He ABSOLUTELY DID NOT receive a mandate to become a modern American Robin Hood, taking from 'the rich' [?] to give to the poor. He DID NOT receive a mandate to continue, or begin anew, wasteful public spending programs.

Did Obama receive a mandate to return jobs to America? YES ++++ BUT ++++ at what wages and where does this money come from? Computer support positions went to India, not because America does not have the expertise, but because when Internet access providers TRIPLE your monthly fees, so they can PAY American workers, they will loose clients BIG TIME. THE DEVIL'S IN THE DETAILS, IT SEEMS.

THE WAR IN IRAQ

So far, America has paid for the Democracy but has yet to receive any dividend from that major investment. So maybe it indirectly was about the cost of energy and America needs to see a return on that investment SOMEHOW.

THE WAR ON TERROR

A mandate was clearly given by the American people to address this issue ASAP, wherever it arises. The obvious issue is Iran, or more precisely stated, the radical Islamic leadership within Iran. If this is not affected peacefully and VERY SOON, Israel will address it, of necessity.

THE MARKETS

The markets need to address the mortgage crisis EFFECTIVELY and since they cannot do that themselves, further efforts to stabilize them are mandated and yes, that was a mandate.

HEALTH CARE

YES a mandate, but questionable funding for same.

GUIDANCE FROM MCCAIN ON MILITARY MATTERS AS WAS OFFERED IN THE CONCESSION SPEECH.

Obama would be wise to confidentially, even secretly, listen up well here.

Posted by: brucerealtor@gmail.com | November 5, 2008 6:35 PM | Report abuse

As of April 2008, it has been reported that the number of computer viruses has exceed the ONE MILLION mark!

This is why I decided to write a report that outlines 4 FREE and EASY steps you can take to ensure your computer is completely protected against these viruses and other computer threats.

You can download this FREE REPORT here:
http://www.eztechtips.com/free-report-is-your-computer-safe/

To your protection,
Hani
http://www.eztechtips.com

Posted by: eztechtips | November 6, 2008 12:03 PM | Report abuse

Can someone please suspend this ridiculous person's account? No wonder it has been deleted, it's the comment equivalent of spam. You, sir, need to find something constructive to do with your time.

Posted by: hokiealumnus | November 6, 2008 12:05 PM | Report abuse

Ok...that post was for the first political poster. I suppose it may apply to the second too. It's sad to see registration has done little to help the comment situation.

Posted by: hokiealumnus | November 6, 2008 12:06 PM | Report abuse

Today's malware is proving to be more and more elusive to the security software typically found on PCs. These posts expand on that point:


Posted by: eiverson1 | November 10, 2008 1:53 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company