Home > Security > Obama ‘Impeachment’ Spam

Obama ‘Impeachment’ Spam

November 10th, 2008
Goto comments Leave a comment

U.S. President candidate John McCain plans to impeach president elect Barack Obama, at least according to the latest post-election spam spotted today. Here’s a screenshot of the sample email message:

Figure 1. Politically-tinged spam email just keeps coming

Our researchers have seen the following subject lines containing the same text as the above:

  • Barack Obama in Danger – McCain will fight for the president post
  • McCain Lawmakers Impeach Obama
  • The impeachment of new president Obama
  • Barack Obama can lost President’s Chair.
  • POLITICAL STRIKE TIES
  • McCain Lawyers Want to Stop Obama

This is to rouse the curiosity of users into clicking the link that connects to several malicious Web sites. When users access the sites, a bogus US government official website is displayed. It presents a fake video (actually an image) and tricks the user into downloading a fake Adobe Player installer from a URL ending in AdobePlayer9.exe. Trend Micro detects this file as TROJ_PACKED.JFP. It drops and executes TROJ_ROOTKIT.FX. Smart Protection Network also blocks users from accessing the malicious links in the spam, the fake video, and the URL from which the executable is downloaded.

http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/digg_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/reddit_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/dzone_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/stumbleupon_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/delicious_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/blinklist_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/blogmarks_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/furl_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/newsvine_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/technorati_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/magnolia_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/google_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/myspace_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/facebook_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/yahoobuzz_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/sphinn_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/mixx_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/twitter_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/jamespot_32.png http://www.bluenoseddog.co.uk/wordpress/wp-content/plugins/sociofluid/images/meneame_32.png

  1. No comments yet.
  1. No trackbacks yet.