Hackers field malware from fake US election sites
The Trojan Candidate
Hackers have taken advantage of mounting interest in next year's US presidential elections to create fake websites that serve up exploits.
Anti-spyware firm Webroot said that it has tracked hundreds of fake sites that lure visitors into downloading malicious files. Surfers may encounter these fraudulent websites after unknowingly selecting a dodgy URL from a list returned from a search or (more likely) after mistyping the name of a legitimate site. The bogus sites are designed to appear as legitimate candidate web pages in an attempt to lure visitors into downloading infectious screensavers or videos. Once clicked, the links can then download a variety of spyware.
The ruse is being used in a bid to distribute the Zlob Trojan, among other item of malware. Zlob, variants of which pose as a video codec, leave compromised PCs under the control of hackers.
Candidates across the political spectrum from liberal Democrat hopeful Barack Obama to long-shot Texas Republican Ron Paul are bearing the brunt of the attack.
"We initially saw these types of spoofs surrounding the Barack Obama and Ron Paul websites," said Mike Irwin, chief operating officer of Webroot Software. "But we are finding that the spoofs intensify at the end of the month and expect to see them further intensifying as the candidate sites begin to see more traffic during the later phases of the campaign or during major fund-raising drives."
"Because cyber criminals are targeting the most heavily trafficked websites, voters seeking candidate information have to use caution when visiting these sites. Do not download applications such as screensavers or videos unless you know they are coming from a trusted source."
Standard defensive precautions against viral attacks apply. Users are urged to keep patch systems up to date and update anti-virus and anti-spyware signature definition files. Resisting the temptation to respond to spam emails is also a good idea, of course. ®
Sponsored: Network DDoS protection