Burma protests bring out spammers
Spammers are taking advantage of global interest in the protests in Burma to spread malware, according to security company Sophos.
Emails, purportedly from the Dalai Lama supporting the protests in the country, have been arriving in people’s inboxes in recent days. However, the message actually carries a Trojan intended to infect the victim’s machine.
The email reads:
Dear Friends & Colleagues,
Please find enclosed a massage [sic] from His Holiness the Dalai Lama in support of the recent pro-democracy demonstrations taking place in Burma. This is for your information and can be distributed as you see fit.
The message has an attached document which when opened attempts to exploit a vulnerability in Microsoft Word to drop a Trojan onto the victim’s PC. The Trojan then downloads further code from the internet with the intention of hijacking the victim’s PC.
According to Sophos, the message carries an official link to the Dalai Lama’s website in order to add credibility. It has so far affected users across Europe and Australia.
“The sad thing is people are genuinely interested in the events in Burma and they’re using the internet to find out more. This could dissuade people from passing on information or news, which is the really horrid thing,” says Graham Cluley, senior technology consultant at Sophos tells PC Pro.
“It has the usual element of asking you to forward it on, it’s playing on people’s sympathies. You’d never forward on a Viagra spam, but this sort of thing you might, which is why people need to know about it. You could be doing the hackers work for them.”
“Using topical news stories to trick unwary computer users into opening and downloading malicious code is one of the oldest tricks in the book, but it’s obviously still working or the hackers wouldn’t waste their time on it.
“We should all use our common sense and question the legitimacy of emails sent out of the blue.”