Symantec, in a posting on its Security Response blog on Thursday, issued a warning to recipients of email messages bearing the subject line "Hillary Clinton Full Video !!!." Clicking on a link provided in the message will install Trojan.Srizbi, a malicious rootkit trojan that directs the victim's PC to acquire other spam messages and send them out.
The malicious link in the Clinton spam – which purports to deliver video of an interview with Hillary Clinton during a recent visit to Virginia – is disguised so that it appears to call up a google.com page, when it actually delivers the user to a malware site at canotrajetrilly.com, Symantec said.
Last fall, Symantec research director Oliver Friedrichs predicted that interest in this year's presidential election also would draw the attention of cybercriminals, who were expected to mount campaign-themed phishing expeditions or deploy keylogging and hacking to attack their victims.
Symantec spam expert Doug Bowers told SCMagazineUS.com on Thursday that the fake Hillary Clinton messages delivered this week are merely the frontrunners in a malware campaign that is expected to grow as the November election approaches.
We predicted there would be socially engineered spam for the election season and now it's arrived. We're seeing a low volume of this now, but we expect it to increase as we approach the election, and to use other candidates," Bowers said.
According to Symantec, Trojan.Srizbi patches the TCP/IP network drivers chain to completely bypass firewalls, IDS systems and network sniffer tools. The rootkit also works in Windows Safe Mode.
Once installed, the trojan attempts to connect to a series of malware-laced URLs and download configuration files to send spam to email addresses contained in the configuration files. The threat runs only in kernel mode and uses rootkit techniques to hide files, registry keys and network connections.
See original article on scmagazineus.com
Spam offers bogus Hillary Clinton interview video
By
Jack Rogers
on Feb 15, 2008 2:29PM
Spammers capitalising on nationwide interest in the Democratic presidential nomination battle are sending out messages offering a link to a "Hillary Clinton video interview" that instead launches a trojan downloader on the victim's PC.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Promoted Content
Ransomware evolving from 'spray and pray' to more targeted attacks
Promoted Content
Kick the tyres of AI systems using real world data at #BuildWithAI Hack 2021
Promoted Content
Five ways Russian cybercrime tactics have changed
Promoted Content
IT’s control over digital infrastructure is slipping, reports The Economist Intelligence Unit
Sponsored Whitepapers
Understanding the next security control points: applications and workloads
Best security practices after rapid Digital Transformation
The CISO View 2021 Survey: Zero Trust and Privileged Access
How and why to backup your Office 365 tenant
ForgeRock for Australia’s Trusted Digital Identity Framework (TDIF)
