Interesting People mailing list archives

Security Alert: US Presidential Malware - Barack Obama Interview Lure

From: David Farber <dave () farber net>
Date: Thu, 6 Nov 2008 04:32:59 -0500



Begin forwarded message:

From: Monty Solomon <monty () roscom com>
Date: November 5, 2008 10:03:02 PM EST
To: undisclosed-recipient:;

Subject: Security Alert: US Presidential Malware - Barack ObamaInterview Lure



http://securitylabs.websense.com/content/Alerts/3229.aspx

US Presidential Malware - Barack Obama Interview Lure

Date: 11.05.2008

Threat Type: Malicious Web Site / Malicious Code

Websense Security Labs ThreatSeeker Network has discovered that
malware authors are capitalizing on the recently announced results of
the 2008 US Presidential election. Malicious email lures are being
sent promising a video showing an interview with the advisors to the
recently elected US President.

The email actually contains links to a file called 'BarackObama.exe'
hosted on a compromised travel site at
hxxp://*snip*.com/web/BarackObama.exe. This file is a Trojan
Downloader with MD5 9720d70a5da9ca442ecf41e9269f5a27. Upon execution
files called system.exe and firewall.exe are dropped into the system
directory. A phishing kit is unpacked locally, and the dropped files
are bound to startup. The hosts file is also modified.

Major anti-virus vendors are not detecting this Trojan Horse.





-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com

Current thread:

Security Alert: US Presidential Malware - Barack Obama Interview Lure David Farber (Nov 06)