Spam campaigns are using Obama's inauguration as way to trick users into visiting malicious Web sites hosting variations of "Waledec," the Trojan horse thought to be the successor to Storm.
Gregg Keizer 20/01/2009 07:40:00
... According to researchers at several security companies, including F-Secure, MX Logic and Trend Micro, spam campaigns are in gear that try to trick users into visiting malicious Web sites hosting variations of "Waledec," the Trojan horse thought to be the successor to Storm.
Sam Masiello, vice president of information security at MX Logic, was one of the first to call attention to the attacks, which begin with one-line spam messages such as "Haven't you heard latest news about our president-elect?", "Barack Obama abandoned sinking ship," and "Obama doesn't wany
anymore to be a president."
The links in those messages lead to a legitimate-looking site that resembles the real Obama-Biden campaign site . The fake site contains both bogus and real news stories. At the top of the page is a story with the headline "Barack Obama has refused to be a president," that includes text which reads, "On the Eve of Inauguration Day President-elect Barack Obama made statement. He declared that he is definitely NOT ready for this position."
Clicking on a link to read more of the story triggers a download of an executable file that is in fact a variant of the relatively-new Waledec , according to researchers at Trend Micro and F-Secure ... http://www.computerworld.com.au/article/273530/fake_sites_spreading_malware_claim_obama_won_t_take_oath
Spam emails claim that Barack Obama will refuse Presidency
Dan Raywood
January 19, 2009
New spam emails are being circulated that claim US President-elect Barack Obama no longer wishes to take up the position, despite his inauguration taking place in Washington DC tomorrow. According to some experts, the emails contain variations of the ‘Waledec' Trojan. Sam Masiello, vice president of information security at MX Logic, claimed that all of the links on the site link to a file named pdf.exe, which McAfee is calling part of the Waledec family of malware ... http://www.computerworld.com.au/article/273530/fake_sites_spreading_malware_claim_obama_won_t_take_oath