Feeds

Hackers field malware from fake US election sites

The Trojan Candidate

Secure remote control for conventional and virtual desktops

Hackers have taken advantage of mounting interest in next year's US presidential elections to create fake websites that serve up exploits.

Anti-spyware firm Webroot said that it has tracked hundreds of fake sites that lure visitors into downloading malicious files. Surfers may encounter these fraudulent websites after unknowingly selecting a dodgy URL from a list returned from a search or (more likely) after mistyping the name of a legitimate site. The bogus sites are designed to appear as legitimate candidate web pages in an attempt to lure visitors into downloading infectious screensavers or videos. Once clicked, the links can then download a variety of spyware.

The ruse is being used in a bid to distribute the Zlob Trojan, among other item of malware. Zlob, variants of which pose as a video codec, leave compromised PCs under the control of hackers.

Candidates across the political spectrum from liberal Democrat hopeful Barack Obama to long-shot Texas Republican Ron Paul are bearing the brunt of the attack.

"We initially saw these types of spoofs surrounding the Barack Obama and Ron Paul websites," said Mike Irwin, chief operating officer of Webroot Software. "But we are finding that the spoofs intensify at the end of the month and expect to see them further intensifying as the candidate sites begin to see more traffic during the later phases of the campaign or during major fund-raising drives."

"Because cyber criminals are targeting the most heavily trafficked websites, voters seeking candidate information have to use caution when visiting these sites. Do not download applications such as screensavers or videos unless you know they are coming from a trusted source."

Standard defensive precautions against viral attacks apply. Users are urged to keep patch systems up to date and update anti-virus and anti-spyware signature definition files. Resisting the temptation to respond to spam emails is also a good idea, of course. ®

New hybrid storage solutions

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.