Milosevic murder trojan spreading rapidly

By on

An email purporting to contain proof that the recently deceased Yugoslav permier Slobodan Milosevic was murdered is being used to spread a malicious trojan, security watchers warned.

According to on BlackSpider Technologies, recipients are invited to open the email - subject line: Slobodan Milosevic was killed - and click on an attached image of Milosovic. When the image is opened, a trojan is downloaded to the PC.

The security firm estimated that more than 800,000 emails containing the new trojan-downloader were sent to U.K. businesses before a patch was released.

The trojan, which was first seen at 2 p.m. EST on Tuesday, was patched by the first anti-virus vendor at 10:30 p.m. Wednesday, and was named Trojan-Downloader.Win32.Small.cnk. The trojan enjoyed a window of exposure of eight and a half hours before it was patched.

As of yesterday afternoon, "at least one major anti-virus vendor is yet to issue a signature for the trojan," BlackSpider claimed.

James Kay, chief technology officer for BlackSpider, said: "Virus writers are playing on morbid human interest and using a high-profile incident to cause as much damage as they can to businesses."

The body of the email reads:

Content-Type: text/plain
Content-Transfer-Encoding: 7bit

The real evidence in attached photo.

--------------------------

Scanned by Kaspercky Antivirus

Status: clean

The attachment is a UPX packed executable and is 16.5 kilobytes.

"Newspapers and internet message boards are full of conspiracy theories as to how Slobodan Milosevic may have met his end, and this trojan horse exploits interest in the breaking news story in an attempt to fool people into infection," said Graham Cluley, senior technology consultant for Sophos.

Slobodan Milosevic is the latest in a long line of public figures to be used as bait by malware authors and hackers. Politicians such as Margaret Thatcher, Ronald Reagan, Saddam Hussein, Arnold Schwarzenegger, Bill Clinton, George W. Bush and P.W. Botha have been have been used in the past. Furthermore, the promise of glimpses of glamorous pin-ups like Halle Berry, Anna Kournikova, Julia Roberts, Jennifer Lopez, Britney Spears or the stars of "Sex and the City" have previously been used to help viruses spread.

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?