Fake BBC report spreads Berlusconi death claim and malicious trojan
IT security firm Sophos is warning users about a new Trojan horse that has been spammed out to email addresses disguised as a breaking BBC news report claiming the death of former Italian prime minister Silvio Berlusconi.
The Dloadr-ALM Trojan horse arrives attached to an email purporting to come from bbc.italy2006@bbc.com. The email, which claims that Berlusconi has been killed by an Israeli solider, can have a variety of subject lines including ‘Berlusconi la morte’, ‘Berlusconi di terrorismo’, ‘Berlusconi Tragedia’, and ‘Berlusconi di omicidio’.
The attached files are called necfotos.zip, which contains an image of Berlusconi (silvio01.gif), and a malicious PIF file (silvio02.pif).
“The news report is of course false – Signor Berlusconi is very much alive, and launching the file will not show you a picture of the former Italian PM, but instead execute malicious code on your Windows PC,” said Graham Cluley, senior technology consultant at Sophos. “Hackers are exploiting the public’s interest in politics, current events and breaking news to spread malware. Anyone unfortunate enough to run this program risks allowing hackers to gain access to their computer to spy, steal and cause havoc.”
Sophos’s anti-virus products were automatically updated to protect against the Dloadr-ALM Trojan horse at 12:09 GMT on 16 August 2006.
“This latest attack appears to be currently targeted at Italian computer users, however it could spread its wings using other disguises in the future,” continued Cluley. “Combining regular anti-malware updates with sensible safe computing policies and a strong email policy at the gateway is the best way for businesses to reduce the risk of threats like this to a minimum.”