Told Ya!

Got this from work:

Websense® Security Labs(TM) ThreatSeeker(TM) Network has discovered that malware authors are capitalizing on the recently announced results of the 2008 US Presidential election. Malicious email lures are being sent promising a video showing an interview with the advisors to the recently elected US President.

The email actually contains links to a file called 'BarackObama.exe' hosted on a compromised travel site at hxxp://*snip*.com/web/BarackObama.exe. This file is a Trojan Downloader with MD5 9720d70a5da9ca442ecf41e9269f5a27. Upon execution files called system.exe and firewall.exe are dropped into the system directory. A phishing kit is unpacked locally, and the dropped files are bound to startup. The hosts file is also modified.

Major anti-virus vendors are not detecting this Trojan Horse.

Goddam Democrats! Hope and Change, my ass!

2008 Posted by John Kranz at November 5, 2008 3:31 PM