Proofpoint: Security, Compliance and the Cloud

August 18, 2009

And Now Hackers are DDoSing Obama - Or are they Just Zombifying Your Machine?

Obama-ddos-spam-email Yesterday, I wrote about how some were questioning the White House's use of email to promote health care reform (see "Is the White House Sending Spam?"). This topic continues to be hot and it looks like hackers are now using the issue to get unwitting users to install malware (or, at best, "bad idea ware") voluntarily on their machines.

The spam fighters over in the Proofpoint Attack Response Center, sent me the following information about new spam messages they have seen. Analyst Scott Panzer tells me there's a new spam in circulation, one variant of which tempts people who don't like President Obama.

Sample screencap at right (click for full resolution version). The payload message reads, in part:

“If You dont like Obama come here, you can help to ddos his site with your installs”

Which is followed, of course, by a link to a malware download. I'm told that other variants of the message tempt the user with "more typical stuff" such as pornography.

The linked website offers visitors money to install the software and - get this - advises users to return to the website for updated versions if their anti-virus software is detecting and disabling it against the user's wishes.

Need I even say that -- regardless of your political leanings -- installing such software is a really bad idea?

One does almost have to admire the social engineering techniques in operation here. Getting users to voluntarily install malicious software... Lovely.

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Which law enforcement agencies did you notify?

We did have some interaction with US CERT (Computer Emergency Response Team) on this particular spam campaign.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Archives

Blog Search

Email Security Gateways, 2012

Magic Quadrant

Tweets

What people are saying right now about us.

©2012 Proofpoint, Inc.
threat protection: Proofpoint Enterprise Protection compliance: Proofpoint Enterprise Privacy governance: Proofpoint Enterprise Archive secure communication: Proofpoint Encryption