Iran invasion spam hoax spreads Trojan

Web security firm Sophos is warning of an attempt by hackers to infect computers using the guise of a news report claiming that the US has invaded Iran.

Widely spammed e-mails with subject lines including "Third World War has begun", "20,000 US Soldiers in Iran", and "US Army crossed Iran's borders" have been detected by Sophos.

The e-mails contain links to a malicious webpage that displays what appears to be a video player showing the mushroom cloud of a nuclear explosion with the following text beneath:

"Just now US Army's Delta Force and US Air Force have invaded Iran. Approximately 20,000 soldiers crossed the border into Iran and broke down the Iran Army's resistance. Click on the video to see the first minutes of the beginning of World War III. God save us."

Sophos has warned that users visiting the webpage and clicking on the "video player" run the risk of being infected by a Trojan horse, designed to compromise their computer.

Sophos says the malware hiding behind the fake video is Troj/Tibs-UO, and malicious JavaScript code hidden on the website is Mal/ObfJS-AY.

More information on the hoax here.

Storm gang uses 4 July fireworks to spread trojan

Rock phish groub adds crimeware Trojan to its financial attacks