Cyber criminals are taking advantage of the world's focus on Barack Obama after his win in the race for the White House.
Users worldwide were overwhelmed by a flood of spam emails right after the results of the presidential race were announced. The spam invites users to watch Barack Obama's victory speech. Clicking the link takes the user to a webpage that requires them to install the latest version of Adobe Flash Player in order to play the video. Clicking the link to the supposedly updated Adobe file downloads a Trojan called 'adobe_flash.exe', which in turn installs an information-stealing Trojan on the user’s system.
This Trojan installs a rootkit, a program specifically designed to conceal the Trojan’s presence on the infected system. The Trojan monitors the victim’s system for passwords to banking websites and then sends the gathered information back to a server located in Ukraine.
The following is an example of the spammed email:
eSafe proactively detects and blocks the spammed Trojan as a suspicious file. Only 14 out of the 36 major antivirus products detected the Trojan. The following is a link to the VirusTotal analysis for the Trojan’s file 'adobe_flash9.exe':
http://www.virustotal.com/analisis/58fd7100e69f9c940d6904981834f1fd
AIRC will provide a signature that names this threat specifically in today’s update.