Hackers Using Middle East Fears To Push Trojan AttackHackers Using Middle East Fears To Push Trojan Attack

A new spam campaign is trying to trick people into opening malicious attachments by using subject lines about the United States, Israel, and Iran starting a new war in the Middle East.

Sharon Gaudin, Contributor

April 9, 2007

2 Min Read
information logo in a gray background | information

Hackers are spamming out e-mails with fraudulent news about a war breaking out in the Middle East involving the United States, Iran, and Israel in an attempt to trick people into downloading Trojans.

Daniel Wesemann, a handler at the Internet Storm Center, reported in the site's online daily diary Sunday that the spam is coming with .exe files attached. The hackers are using social engineering to lure people into opening the e-mails with the malicious attachments by using subject lines about war breaking out or the United States bombing Iran.

Subject lines include: "USA Just Have Started World War III"; "Missile Strike: The USA kills more then 20000 Iranian citizens"; "Israel Just Have Started World War III"; and "USA Missile Strike: Iran War just have started."

The actual e-mail body is blank, but the attachments have names like movie.exe, video.exe, clickhere.exe, and readmore.exe.

According to John McDonald, a security response engineer at Symantec, the underlying threat -- Trojan.Packed.13 -- is nothing new.

"They are simply minor variants of Trojan.Peacomm and W32.Mixor (named W32.Mixor.AR@mm in this instance) which have been repacked in an attempt to avoid existing detection, and appear to have been largely successful at that attempt," he wrote on the Symantec blog. "There is never a good time to let your guard down, even during a festive season when goodwill to others should surely be the overriding theme. The more shocking or unbelievable the subject of e-mails such as these, the more the contents should be treated with the suspicion they usually deserve."

Using scare headlines to con users into opening a malicious attachment or click on a link that goes to a malicious Web site is nothing new.

Just last week, hackers were trying to con people into going to a Web site that would surreptitiously infect their computers with a .ANI exploit by promising them pictures of a naked Britney Spears. Sophos reported in an advisory that the malicious site contains the Iffy-A Trojan that points to another piece of malware, which contains the zero-day .ANI exploit -- Animoo-L.

Read more about:

20072007

About the Author

Sharon Gaudin

Sharon Gaudin

Contributor

See more from Sharon Gaudin
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

A group of smiling college graduates celebrating their graduation.
IT Leadership
Why Liberal Arts Grads Could Be the Best Programmers of the AI Era
Why Liberal Arts Grads Could Be the Best Programmers of the AI Era

Jan 17, 2025

Flame front of the Eaton Fire on the first night during the January 2025 California wildfires in Altadena and Los Angeles
IT Sectors
How Tech Supports the Emergency Response to the LA County Wildfires
How Tech Supports the Emergency Response to the LA County Wildfires

Jan 16, 2025

Graphic Pop Art style Illustration of Keanu Reeves as NEO from the film, The Matrix
IT Infrastructure
Y2K and Infrastructure Resilience 25 Years Later
Y2K and Infrastructure Resilience 25 Years Later

Jan 7, 2025

Young businessman working on a virtual screen of the future and sees the inscription: Now hiring
IT Leadership
Help Wanted: IT Hiring Trends in 2025
Help Wanted: IT Hiring Trends in 2025

Nov 20, 2024

Cobol programming language software development concept on vitual screen.
IT Leadership
Untangling Enterprise Reliance on Legacy Systems
Untangling Enterprise Reliance on Legacy Systems

Jan 21, 2025

Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports