IT security and control firm Sophos is warning email users,
excited about the US presidential election, to exercise caution
when checking their inboxes. The warning comes after the discovery
of a widespread malicious spam campaign that claims to offer news
of Barack Obama's successful campaign, but instead links to a
website that attempts to infect users with a Trojan horse that
steals information for identity fraud.
The emails, which have subject lines such as "Obama win
preferred in world poll" and claim to come from news@president.com,
have accounted for approximately 60 percent of all malicious spam
seen by SophosLabs in the past 24 hours.
The spam messages contain a link that takes internet users to a
webpage which instructs visitors to download 'Adobe Flash 9' to
view a video of the first African-American president making an
"amazing speech". However, the download will infect computers with
a malicious Trojan horse detected by Sophos as Mal/Behav-027.
"Barack Obama is undoubtedly the most famous person on the
planet right now," said Graham Cluley, senior
technology consultant at Sophos. "But email users who are eager to
get the latest scoop on Obama's monumental presidential win should
be careful that they are not being tricked by conniving
cybercriminals. Hackers will be quick to jump on breaking news to
spread malware and steal sensitive information - web and email
users should exercise extra caution and ensure that they are
running security software that is fully patched and
up-to-date."
Sophos experts have determined that the malicious Trojan horse
is based on rootkit technology which aids concealment on the
victim's computer. Designed to steal information, the malware
spies on users' keyboard and mouse inputs, can take screenshots,
looks for passwords and submits the information it discovers to a
webserver located in Kiev, Ukraine.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.