Hackers spread malware with ‘Hilary Clinton’ spam
February 17, 2008 | Category: Newsbreak, Spamcatch Featured
Cybercriminals may have weighed risk and reward and figured that the first isn’t worth the second if they try to exploit the 2008 U.S. presidential campaign, a security researcher at Symantec Corp. said today.
At least for now.
“We’ve now seen just two instances of spam using political candidates to spread malicious code,” said Oliver Friedrichs, director of Symantec’s security response team and a writer on electoral cybercrime. “I think [hackers] are still a little skittish. The high visibility of the federal elections makes them cautious about stepping into it.”
Earlier this week, researchers at both Symantec and McAfee Inc. reported a spam run that tried to trick users into downloading a Trojan horse posing as a video of Sen. Hillary Rodham Clinton (D-N.Y.) supposedly shot before Tuesday’s Virginia primary. “Hilary [sic] Clinton visited her campaign headquarters in Virginia and did satellite interviews, looking beyond Tuesday’s trio of contests and touting the importance of a March 4 vote in Ohio,” the bogus e-mail read. “Full video. Download it now!”
Users who clicked the embedded link, however, were faced with a file pegged “mpg.exe.” That file was actually a downloader, which in turn retrieved and installed the “Srizbi” Trojan horse — malware that turns Windows-running PCs into spam-spewing bots.
The other example of what Friedrichs has called “electoral cybercrime” was a late-October 2007 spam blast ostensibly promoting Rep. Ron Paul (R-Texas) and his campaign for the Republican Party nomination. More than a month after that attack, which had links to the Srizbi Trojan horse like the Clinton one this week, researchers at SecureWorks Inc. linked the spam to a Ukrainian botnet. Read Complete article here.