August 18, 2009
And Now Hackers are DDoSing Obama - Or are they Just Zombifying Your Machine?
Yesterday, I wrote about how some were questioning the White House's use of email to promote health care reform (see "Is the White House Sending Spam?"). This topic continues to be hot and it looks like hackers are now using the issue to get unwitting users to install malware (or, at best, "bad idea ware") voluntarily on their machines.
The spam fighters over in the Proofpoint Attack Response Center, sent me the following information about new spam messages they have seen. Analyst Scott Panzer tells me there's a new spam in circulation, one variant of which tempts people who don't like President Obama.
Sample screencap at right (click for full resolution version). The payload message reads, in part:
“If You dont like Obama come here, you can help to ddos his site with your installs”
Which is followed, of course, by a link to a malware download. I'm told that other variants of the message tempt the user with "more typical stuff" such as pornography.
The linked website offers visitors money to install the software and - get this - advises users to return to the website for updated versions if their anti-virus software is detecting and disabling it against the user's wishes.
Need I even say that -- regardless of your political leanings -- installing such software is a really bad idea?
One does almost have to admire the social engineering techniques in operation here. Getting users to voluntarily install malicious software... Lovely.
Which law enforcement agencies did you notify?
Posted by: psource | September 16, 2009 at 02:07 PM
We did have some interaction with US CERT (Computer Emergency Response Team) on this particular spam campaign.
Posted by: Keith R. Crosley | September 30, 2009 at 02:11 PM