Well, they went straight for the jugular.
You knew there was bound to be plenty of election-themed spam and malware generated during the current U.S. presidential campaign of 2008, as social engineering tactics have been following popular news trends for quite some time.
But apparently the bad guys aren’t satisfied this year with simply using the timing of the election to lure people to phishing sites or into downloading spyware programs. Nope, they went straight to the bottom, just like any candidate would when his or her back is up against the electoral wall.
Researchers at Websense have discovered a malware run that is being pitched via e-mail as a video file offering lurid sexual images of Democratic candidate Barack Obama. It’s a seemingly powerful combination of time-honored themes. Each always seems to find enough unsuspecting or overly prurient users to merit its use in its own right, but by combining sex and politics the attackers have gone for a true daily double.
Further, the video clip isn’t supposed to be a tape of Obama with his wife Michelle, but rather a file featuring an Obama “sex scandal.”
According to Websense, users who click the link sent in the involved e-mail are shown a pornographic video that does not feature the candidate himself. We’ll have to take their word for it.
The file, of course, also delivers a malicious executable, which the security company identifies merely as “809.exe” and which is saved in the user’s Temporary Internet Files folder.
The attack also passes along a BHO (Browser Helper Object) named “Siemens32.dll” that Websense has called out as an information-stealing application that posts data to a compromised Finnish travel site.
It looks like the campaign season for malware gangs is officially under way. And there’s no debating the fact that more attacks along similar lines are likely to show up between now and the November run-off.
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWEEK and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.