Spammers announce World War III with spam emails packing malicious payloads

Update: Dancho Danchev informed me that this actually relates back to his article on from last week. Apparently I reposted with less information than the original, so I apologize to Dancho for that. Guess that’s what I get for poking my nose into the malware realm. Dancho informed me that the security research community intercepted the campaign within its first 30 minutes of mass spamming and quickly took action to shut down the domains used by blacklisting them and approaching the domain registrar that was managing them.

From Robert Jaques of ITNews Australia:

Hackers are deluging web users with malware-laden spam claiming that World War III has started following a US invasion of Iran.

Security experts warned today that spam emails with subject lines including ‘Third World War has begun’, ‘20000 US Soldiers in Iran’ and ‘US Army crossed Iran’s borders’ have been intercepted.

The emails contain links to a malicious webpage that displays what appears to be a video player showing the mushroom cloud of a nuclear explosion.

Text on the page reads: ‘Just now US Army’s Delta Force and US Air Force have invaded Iran. Approximately 20000 soldiers crossed the border into Iran and broke down the Iran’s Army resistance. The video made by US soldier was made today morning. Click on the video to see the first minutes of the beginning of World War III. God save us.’

However, Sophos warned that users visiting the webpage and clicking on the ‘video player’ run the risk of being infected with the Troj/Tibs-UO Trojan and a malicious JavaScript hidden on the website as Mal/ObfJS-AY.

Perfect example of hackers/phishers/spammers/whatever playing emotions against their victims. So, take it upon yourself to spread the word, especially consider friends or family that might have loved ones across seas, as they’re probably most likely to react emotionally and click without thinking here.

[Source: zdnet]