Malicious spam is being spread with the use of fake news
headlines claiming president-elect Barack Obama has refused the
presidency.
The spam messages contain links to the Waledec botnet, say web
security experts from the Marshal8e6 TRACE Labs.
The e-mails use subject lines such as "Amazing News" and contain
text suggesting that Obama has abandoned the presidency or no
longer wants to be president.
The e-mails provide a simple link to a look-alike Obama campaign
website. The site hosts links to downloadable malware presented to
the user as legitimate news headlines.
The domains for the fake websites include "greatobama" or
"superobama".
"Barak Obama's inauguration is just one day away. Spammers have
used social engineering ploys like this time and time again to
entice spam recipients into clicking on links without thinking,"
said Phil Hay, senior threat analyst at the
Marshal8e6 TRACE Labs.
The Waledec botnet is new on the scene and widely considered by
internet security researchers to be the latest creation of the
authors of the Storm botnet, which ceased spamming in September
2008.
Waledec first appeared in December 2008, according to
Marshal8e6, and continues the Storm botnet's modus operandi of
distributing malware via URL links under the guise of sensational
news headlines and fake greeting cards.