A day after the national election, both President-elect Barack Obama and Republican presidential candidate John McCain are in the middle of cyber-crime news.
According to a Newsweek report, the FBI believes both men had their campaigns hacked by a “foreign entity.”
After technology staff at Obama headquarters detected what they thought was a phishing attack in summer 2008, the FBI and U.S. Secret Service reportedly told campaign officials their computer system had been compromised and files had been stolen. A top McCain official confirmed to Newsweek that the McCain campaign’s computer system had been compromised as well, and that the FBI was investigating.
White House and FBI officials declined to comment to Newsweek about the story.
Meanwhile, Obama’s victory has touched off a malware campaign targeting Windows users. According to SophosLabs, the spam campaign accounted for 60 percent of the malicious spam the vendor detected over the course of an hour on Nov. 5. MX Logic detected close to 1 million messages between 8 a.m. and 10 a.m. MST.
The e-mails, which have subject lines such as “Obama win preferred in world poll” and claim to come from firstname.lastname@example.org, contain a link to a site purporting to have news of the election results. Once at the site, visitors are prompted to download Adobe Flash Player 9. In actuality though, the file is malware, and was detected by Sophos as Mal/Behav-027.
“The malware takes over your computer, handing over control to a remote hacker,” said Graham Cluley, senior technology consultant at Sophos. “That means it can be used to download further malware from the Internet, and normally this kind of attack is used to turn your PC into a spam-spewing relay and allow hackers to gain access to your private information.”
In the days leading up to the election, spammers favored Obama over McCain by a large margin. According to statistics from MessageLabs, 82 percent of election-related spam Nov. 4 involved Obama. More than 77 percent of the election spam came from the Srizbi botnet, according to the vendor.