Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: Cindy

Post-election Bin Laden video spreads a worm for the Hobbit

Munir Kotadia, ZDNet Australia
November 05, 2004
URL: http://www.zdnet.com.au/news/security/0,2000061744,39165586,00.htm

Security experts are warning that an e-mail claiming to contain a video of Osama Bin Laden's reaction to the US election result contains a worm. The e-mail is signed by The Hobbit.

Antivirus firm Sophos is warning Internet users not to get duped into opening the attachment because it contains a new variant of the Famus worm.

The Famus worm affects Windows systems and tries to trick users into believing its' attached file contains a file – in this case a video – from events relating to the US military. Previous variants purported to contain a spreadsheet with information from the Pentagon and pictures of the Iraq war.

Graham Cluley, senior technology consultant for Sophos said hackers and virus writers will try all kinds of tricks to entice people into running their malicious code.

"It seems this time that the virus writer has focused on the public's appetite for breaking news on the war against terror," said Cluley.

Once executed, the worm sends itself to e-mail addresses stored on the infected computer and creates a number of files on the hard drive. One of the files contains some text (in Spanish) that informs the victim they have been duped.

In English, the note reads: "This computer has been infected… This is to protest against the violation of free expression rights. Now all the data in your hard drive is been erased. The Hobbit."

The technique of using current events to entice a user to click on a malicious link or open a harmful attachment is known as social engineering.

Analyst firm Gartner last week warned that social engineering techniques are becoming more sophisticated and will pose the greatest security risk facing large companies over the next decade.

Malware writers recently targeted Yahoo by sending users an e-mail asking them to ‘verify’ their Yahoo username. This turned out to be an attempt to trick users into opening untraceable e-mail accounts.

Yahoo told ZDNet Australia that social engineering and phishing are industry wide issues and the only way to combat the problem is with a combination of education and technology.

According to a Yahoo spokesperson, by the end of the year Yahoo will have implemented a technology called DomainKeys, which is designed to help protect users from fake e-mails and phishing attacks. The company also highlighted that it will never ask users to ‘verify’ their usernames and passwords.

"Alongside with our DomainKeys proposal, our long-time consumer education efforts include tips and reminders for e-mail users such as: Yahoo will never ask you for your password credit card numbers, or other personal information in an e-mail," the spokesperson said.

http://www.zdnet.com.au/news/security/0,2000061744,39165586,00.htm


734 posted on 11/04/2004 9:07:14 PM PST by Honestly (There is nothing so likely to produce peace as to be well prepared to meet the enemy.)
[ Post Reply | Private Reply | To 733 | View Replies ]

To: Honestly

Good article.
Thank you Honestly.


737 posted on 11/04/2004 9:20:42 PM PST by Cindy
[ Post Reply | Private Reply | To 734 | View Replies ]
To: Honestly
Security experts are warning that an e-mail claiming to contain a video of Osama Bin Laden's reaction to the US election result contains a worm. The e-mail is signed by The Hobbit.

lol, I don't get why anyone would try opening a video they were e-mailed by an unknown person. ;) Good to know though, thanks for posting.

754 posted on 11/04/2004 10:18:50 PM PST by nwctwx
[ Post Reply | Private Reply | To 734 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson