“Obama Quits” Spam Harvests PCs for Zombie Botnet
0 (0)

The Internet Patrol - Patrolling the Internet for You
Rate this post!
 

The Waledec botnet is using spam that claims that “Obama Quits”, explaining that “Barack Obama abandoned sinking ship” and that Obama doesn’t want any more to be president, in order to lure unsuspecting users to add their PCs to its group of zombied computers that it uses to do its dirty work. Other subject lines include “Who Will Be Our President Now?”, “End time for the USA”, and “Haven’t you heard latest news about our president-elect?”

The spam explains that “Barack Obama’s inauguration that was planned on 20th January 2009 is under the threat of failure,” and goes on to say that “On the Eve of Inauguration Day President-elect Barack Obama made statement. He declared that he is definitely NOT ready for this position. Analysts say that Barack Obama has refused to be next president because he recognized inconsistency of his plan of stimulating USA economy.” (Note the broken and poor English.)


The “Obama Quits” spam takes the user to a plausible-looking website which talks all about how Obama has decided to reject the highest office in the United States, and links to a file that is supposedly his speech on the subject. The file bears names such as ‘barakspeech.exe’, ‘obamaspeech.exe’, ‘statement.exe’, ‘obamanews.exe’, ‘president.exe’, ‘barack.exe’, and ‘usa.exe’.

A pretty safe rule is never download something with an .exe at the end, although that rule alone won’t keep your computer from being taken over.

According to Phil Hay, of security firm Marshal8e6 TRACE Labs, “The web site that these spam messages link to looks official and convincing at first glance. Closer examination reveals numerous spelling and grammatical errors on the site which could alert wary email users that this is a trick. Unfortunately we expect that many users who are lured to these sites will invariably click on the link and infect themselves.”

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

Some of the domains that are implicated in the “Obama Quits” Waledec botnet sweep include superobamaonline.com, greatobamaguide.com, and superobamadirect.com.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Rate this post!
 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.