Cyber criminals exploit Obama victory to infect computers around the globe news
06 November 2008

The US presidential elections came out as not only an opportunity for Americans to express their choice, but also as an opportunity for hackers to spread some malicious software, better known as malware. In fact, on the day of the election results, around 60 per cent of the spam, or unsolicited mail in the world, was Obama-related.

Malware authors began sending spam to internet users all over the world, inviting them to click on a link to either see the election results news page, or watch a video of Barack Obama's win.

But instead of that, the link prompted users to install a so-called update of their Adobe Flash Player in order to watch the video, which actually planted a Trojan horse software on unprotected computers.

In addition to that, another attack was reported, also evolving around information about Barack Obama, namely a rogue website that was being returned in the sponsored links of a search engine's results when users searched for any information about Obama.

Users who clicked on the link were also prompted to download a file, which was supposedly ''100-per cent checked by Antivirus.'' The result would have ultimately been the launch of a PDF file that contained an exploit in Adobe Acrobat Reader. Fortunately, the malicious website no longer appears in the search results.

''The hackers are taking advantage of Obama-mania,'' explained Graham Cluley, senior technology consultant for SophosLabs, which broke the news of most of these attacks. Obama is now the most famous person in the world, he said, and people's interest in him goes beyond all boundaries. It's a global phenomenon that cyber criminals stood in line to exploit.

According to Dan Hubbard, vice president of security research at Websense Inc., hackers registered 15 to 20 domains yesterday to host the aforementioned malware and fake site. All the domains are on so-called "fast flux" servers, Hubbard added, referring to the practice in which criminals rapidly switch domains between multiple IP addresses. Identity thieves often use the fast-flux tactic as a way to stay ahead of the law and prevent their servers from being shut down.

While it still remains hard to assess how many computers have been infected by now, the number is expected to be a significant one. Users are advised, as always, not to click on suspicious links or download suspicious applications, and always keep their security software up-to-date, in order to prevent their computers from being infected or personal data from being stolen.


 search domain-b
  go
 
Cyber criminals exploit Obama victory to infect computers around the globe