Malware Authors Jumping on the Obama Bandwagon

Keep on Guard!


No surprise here, the malware authors are leveraging on the social engineering aspect of the US presidential elections.

In less than half a day Google Adwords adverts and custom malware was popping up conning users into a sense of security by using Obama’s name.

Malware purveyors have wasted no time capitalizing on Barack Obama’s landslide victory in the US presidential race. Within 12 hours of his acceptance speech Tuesday night, net users were being treated to scams involving Google AdWords and prodigious volumes of spam.

The spam comes masked as dispatches from legitimate news sources, including the BBC and CNN, and invite readers to click a link to view a video of Obama accepting his country’s vote. Those who take the bait are sent to a spoof page of the news site that claims they need to update their Adobe Flash Player before viewing the speech.

It seems to be a generic trojan/rootkit aiming for banking details, it’s just a new vector for installation.

I guess a lot of people will fall for it though with the election fever hitting all around the World, not just in USA. Everyone is going Obama crazy!

In fact, Adobe_flash9.exe installs the notorious Trojan-PSW:W32/Papras.CL, according to anti-virus provider F-Secure. Earlier Wednesday, just 14 of the 36 major anti-virus programs detected the trojan, according to this analysis from VirusTotal. Once installed, the malware, which cloaks itself in a rootkit, logs passwords for bank sites and other sensitive information and sends them to a server located in Ukraine.

The fraudulent news sites are being hosted on a fast-flux network of infected machines, according to this analysis by the CyberCrime & Doing Time blog. Cloudmark, a company that provides spam filtering service, has already seen more than 10 million of the spam messages, according to the Zero Day blog.

Anyway just let the non-tech savvy amongst the people you know that this is going on and that they are likely to get e-mails or messages about Obama pretending to be from legitimate sources.

Under no circumstance should they follow the link and especially don’t install any flash or other software updates from such sites.

Source: The Register

Posted in: Malware, Social Engineering, Spammers & Scammers


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


One Response to Malware Authors Jumping on the Obama Bandwagon

  1. navin November 6, 2008 at 12:46 pm #

    oh -bama

    after fraudulent calls made to people asking for campaign donations in Obama’s name….it was only a matter of time till online scams started taking effect

    WE NEED CHANGE!! :)