Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Middle East conflict spam a spoof

Sophos : 09 July, 2008  (Technical Article)
Video link in spoof e-mail claiming the start of new conflicts in the Middle East leads to malicious code, according to Sophos
IT security and control firm Sophos is warning of an attempt by hackers to infect computers using the camouflage of a news report claiming that the USA has invaded Iran.

Widely spammed out emails with subject lines including 'Third World War has begun', '20000 US Soldiers in Iran', and 'US Army crossed Iran's borders' have been intercepted by Sophos. The emails contain links to a malicious webpage that displays what appears to be a video player showing the mushroom cloud of a nuclear explosion with the following text beneath:

'Just now US Army's Delta Force and US Air Force have invaded Iran. Approximately 20000 soldiers crossed the border into Iran and broke down the Iran's Army resistance. The video made by US soldier was made today morning. Click on the video to see the first minutes of the beginning of World War III. God save us'.

However, Sophos experts warn that users visiting the webpage and clicking on the 'video player' run the risk of being infected by a Trojan horse, designed to compromise their computer. Sophos detects the malware hiding behind the fake video as Troj/Tibs-UO and a malicious JavaScript hidden on the website as Mal/ObfJS-AY.

'Receiving or reading the emails themselves does not mean you are infected - but visiting the link contained in them, or trying to watch the video, is definitely a bad idea. Once your computer is under the control of hackers they could steal your personal information to commit identity theft, or use your PC to spam out junk mail to millions of people around the world,' said Graham Cluley, senior technology consultant at Sophos. 'Hackers are taking advantage of the fact that many people today get their fix for breaking news via the internet. People, especially those with loved ones in the Middle East, may rush to watch the video without engaging their common sense. Everyone should ensure they keep their anti-virus protection up-to-date and never follow links in unsolicited email messages.'

Sophos experts note that this is not the first time that news about rising tensions between Iran and the West has been exploited by hackers. In 2005, a widespread spam campaign pretended to be a link to news about the controversial decision by Iran to continue work at a nuclear plant, but was really an attempt to infect users with a Trojan horse. The year before, the Cycle worm dropped a message complaining that European governments were supporting the regime in Tehran, because of the war in neighbouring Iraq.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo