Hacker disguises Subseven Trojan horse as McVeigh execution video

June 13, 2001 Sophos Press Release

Timothy McVeigh

Reports from the Associated Press newswire have warned that a file posing as a video of the execution of Timothy McVeigh, the Oklahoma Bomber, is in fact infected by the Subseven backdoor Trojan horse.

"Hackers and virus writers will try all kinds of tricks to entice people into double-clicking on their malicious code," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "It seems this time that the hacker has focused on the public's morbid curiosity."

The execution of McVeigh on 11th June was broadcast to relatives of victims at a federal facility in Oklahoma City. The FBI has said there is no indication that the signal was intercepted.

Sophos continues to recommend computer users practise safe computing as well as running up-to-date anti-virus software.