Trojan Exploits Obama Presidential Win

malware

Following Obama's presidential victory Tuesday, malware authors were quick to create a Trojan exploiting the high volumes of Web traffic surrounding Obama, security experts said.

And so far, researchers say that spam capitalizing on Obama's victory has experienced a sharp upward spike, comprising about 60 percent of all spam messages in what has become a globalized attack.

"The hackers are taking advantage of Obama-mania," said Graham Cluley, senior technology consultant for SophosLabs. "So many people have been excited or interested in (the election), that they might be susceptible to it."

Specifically, malware authors are exploiting users' post-election curiosity with an e-mail purporting to offer news of Obama's victory. The legitimate-looking message then offers the viewer a link, allegedly of a video featuring Obama's acceptance speech. However, in order to view the clip, users are advised to click on a link that will allegedly download the latest version of Adobe Flash player.

Once users open the link, a Web site actually links to a file called adobe_flash_exe, a malicious Trojan downloader designed to distribute information-stealing software on unsuspecting victims' computers. Upon execution, the compromised machine receives a RootKit that sends the user's personal data to numerous command and control centers.

Researchers at Web security company Websense said in a blog that they have seen at least 25,000 e-mails through the systems using that particular technique, which, in addition to distributing data-stealing malware, also incorporates the victim's computer into a botnet, a network of computers programmed to perpetuate spam campaigns.

"Spam is sent from countries all around the world. If you get infected, your computer will be turned into a spam spewing factory," said Cluley.

Cluley said that it was impossible to determine the number of infected computers. However, he said users can expect to see numerous malicious attacks riding on the wave of Obama's fame. In the past, other similar malware campaigns have enticed users with lures that feature political figures such as Hillary Clinton, President George Bush, and other world leaders.

"We hope people are beginning to learn not to click on these things," said Cluley. "All we can suggest is to make sure you have up-to-date security software, and please apply a grain of common sense. If an e-mail is unsolicited, think twice before clicking on the links."