Malware posing as Change.gov

change

PandaLabs has identified a botnet running a malware campaign impersonating president-elect Obama’s website. The front page of the site features a sensational story titled “Barack Obama has refused to be a president”. Clicking the link will download the malware and make the target’s machine part of the botnet. They’re using fast-flux to assign the malicious domains to the massive number of compromised nodes that are hosting the actual site. The team has contacted the domain name registrar in China to get the domains removed. Using a sensational headline is not new to malware; it’s how the Storm Worm got its name.

[via lithium]

Comments

  1. HZ says:

    I wonder how many people attempted to visit the sites marked “Please do not attempt to visit the sites.” lol. I did…in BT3.

  2. ragnar says:

    At least have your monthly bit of security when you use windows, please, would you?

  3. Ste@l says:

    First if you believe that link I think you deserve it…

  4. conservative says:

    I wish that link were true…

  5. How fitting, a worm in the image of a worm.

  6. markp1989 says:

    @hz i did the same, using arch lol.

  7. octelcogopod says:

    great, all the republidroids are coming out of the woodwork…

  8. conservative_masses says:

    @octelcogopod:

    There are more of us than you realize…

  9. tecNik says:

    Wow. For a second there I thought I was reading articles on Hackaday. My RSS feed must have got mixed up with the BBC Tech news one.

    /sarcasm

  10. octelcogopod says:

    @conservative_masses
    “conservative” can no longer be equated with “republican”, at least not in any sane way
    are you a “classic” republican or a modern republican? if you’re the latter, gtfo please

  11. nice
    great, all the republidroids are coming out of the woodwork…

  12. republidroid9000 says:

    great all the obamabots are coming out of the sewers…

  13. anon says:

    time to join obmas botnet….

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s