Obama Malware on the Loose

November 6th, 2008 at 12:00 am

After winning the elections yesterday, Barack Obama, his supporters, and pretty much everyone else must be dead tired. Just like driving, being tired while on the internet may have serious consequences. Drunk web surfing may lead to the installation of malware and other harmful programs on your machine.

If you thought that the malware authors were resting during the elections, think again. Obama-themed malware has been spotted in the wild. As usual, the invitation to download the program looks innocent, and if you did not know any better, you would easily be swayed towards it.

[Image: Obama malware]

The link is deceiving enough and you can’t be blamed for clicking on it. However, it’s after the jump that your spider sense should be working. The page looks like any other page with a video player, and you are immediately prompted to install adobe_flash9.exe. Now this isn’t normal and you should close the window.

If you’re unlucky enough to have installed the malware, here’s the lowdown from Sophos:

The file referenced is detected by Sophos as a piece of malware called Mal/Behav-027 or Mal/Heuri-E. It’s likely that the cybercriminals behind this attack will rotate the malware being served up by this dangerous website – so we will continue to monitor its activity as well as block access to the infected webpage with our web protection solutions.

Further analysis of the file by my colleagues in SophosLabs last night has determined that the malicious Trojan horse incorporates the following characteristics:

  • The malware contains rootkit technology to conceal itself.
  • It’s designed to steal information from an infected computer.
  • It also has general backdoor functionality.
  • It spies on user’s keyboard and mouse inputs and can take screenshots.
  • It looks for passwords.
  • It submits the information it discovers to a webserver located in Kiev, Ukraine.

So, again, malware authors are and always will be relentless in trying to get the best of anyone, so before you click to install anything, make sure you know exactly what it’s for.