Saddam used as bait to spread PC worms

Saddam Hussein is the latest person to be used as bait to trigger worms on users’ PCs.

Saddam Hussein is the latest person to be used as bait to trigger worms on users’ PCs.

Anti-virus software company Sophos has warned users about a new worm hidden in an e-mail attachment.

The message claims to offer photographic evidence that the former Iraqi leader has been killed following an attempted escape from custody.

The Bobax-H worm spreads both via e-mail and through an old Microsoft security vulnerability used by the infamous Sasser worm.

E-mails generated by the Bobax-H worm can use a variety of different messages, including "Saddam Hussein - Attempted Escape, Shot dead. Attached are some pics that I found".

Some versions also claim to have pictures of a captured Osama Bin Laden. Users who run the attached file on a Windows PC risk infecting their machine, warned Sophos.

The worm will attempt to forward itself onto other e-mail addresses and vulnerable computers, attempt to disable anti-virus and security software, and install an e-mail relay module, which can be used by external hackers for remotely sending spam.

"Many people use the internet to keep abreast of the latest breaking news stories - it is these individuals that worms like Bobax-H are trying to infect," said Graham Cluley, Sophos senior technology consultant.

The Bobax-H worm can exploit the same LSASS vulnerability first reported by Microsoft in April last year, which was later exploited by the widespread Sasser worm.

"There's really no excuse for computers still to be suffering from this Microsoft security vulnerability 10 months after a fix was first made available," said Cluley.

Saddam is the latest in a long line of public figures to be used as bait by malware authors and hackers. Politicians such as Margaret Thatcher, Ronald Reagan, and George W Bush have been used in the past, along with Bill Gates, David Beckham and Michael Jackson.

For more information about the Bobax-H worm click here >>

Read more on IT risk management