Warning over Obama Sex Scandal Spam
Trojan lurks to infect the prurient
by Iain Thomson in San Francisco
10 Sep 2008
Web monitoring firms are warning IT administrators to update their spam filters after a massive new spamming campaign was detected.
Inboxes are filling up with spam claiming to have a link to a web site that carries video footage of a sexual indiscretion committed by presidential candidate Barack Obama. It alleges to show footage of him having sex with Ukrainians after a visit to the country last year.
“Users who click the link are shown a pornographic video,” said Websense. “While the video plays for 14 seconds, malicious applications are installed on the victim’s machine.”
The malware consists of a Trojan that allows remote control of the user’s machine using an application called 809.exe in the user’s Temporary Internet Files folder. It also installs a Browser Helper Object which steals keystrokes and forwards them to a server controlled by the malware distributors.