MyBarackObama profile hack punts malware
Virus authors are exploiting a website associated with President Barack Obama in order to distribute a Trojan.
The new president's use of Web 2.0 technologies is being misused in a fake video codec scam centered around My.BarackObama.com, an online community for supporters of the new president.
Web security firm Websense reports that malicious hackers have registered multiple bogus user accounts on My.BarackObama.com. The site allows legitimate punters to join groups, raise funds, or creates blogs. The griefers have established blogs with fake YouTube clips, ostensibly offering grumble flicks.
Prospective marks are told they need a video codec to watch these clips which - you've guessed it - are loaded with a Trojan.
The fake codec scam is a well-known malware distribution/social engineering ruse, which hackers have taken it a step further in the case of the My.BarackObama.com hack. Miscreants have begun link spamming links the the dodgy My.BarackObama.com URLs by injecting pointers onto blog comment forms and the like. The tactic has the effect of increasing the search engine ranking of scam profiles.
Websense notes that the attack is part of a wider trend of increased malicious activity themed around Obama's historic inauguration last week. A full write-up of the assault - featuring screenshots and more - can be found here. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust