The Waledec botnet is using spam that claims that “Obama Quits”, explaining that “Barack Obama abandoned sinking ship” and that Obama doesn’t want any more to be president, in order to lure unsuspecting users to add their PCs to its group of zombied computers that it uses to do its dirty work. Other subject lines include “Who Will Be Our President Now?”, “End time for the USA”, and “Haven’t you heard latest news about our president-elect?”
The spam explains that “Barack Obama’s inauguration that was planned on 20th January 2009 is under the threat of failure,” and goes on to say that “On the Eve of Inauguration Day President-elect Barack Obama made statement. He declared that he is definitely NOT ready for this position. Analysts say that Barack Obama has refused to be next president because he recognized inconsistency of his plan of stimulating USA economy.” (Note the broken and poor English.)
|Get notified of new Internet Patrol articles for free!
|Or Read Internet Patrol Articles Right in Your Inbox!
as Soon as They are Published! Only $1 a Month!
Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
The “Obama Quits” spam takes the user to a plausible-looking website which talks all about how Obama has decided to reject the highest office in the United States, and links to a file that is supposedly his speech on the subject. The file bears names such as ‘barakspeech.exe’, ‘obamaspeech.exe’, ‘statement.exe’, ‘obamanews.exe’, ‘president.exe’, ‘barack.exe’, and ‘usa.exe’.
A pretty safe rule is never download something with an .exe at the end, although that rule alone won’t keep your computer from being taken over.
According to Phil Hay, of security firm Marshal8e6 TRACE Labs, “The web site that these spam messages link to looks official and convincing at first glance. Closer examination reveals numerous spelling and grammatical errors on the site which could alert wary email users that this is a trick. Unfortunately we expect that many users who are lured to these sites will invariably click on the link and infect themselves.”
Some of the domains that are implicated in the “Obama Quits” Waledec botnet sweep include superobamaonline.com, greatobamaguide.com, and superobamadirect.com.
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!
|Get notified of new Internet Patrol articles!