Worm Entices Windows Users with Pics of a “Dead” Saddam Hussein

The Internet Patrol - Patrolling the Internet for You

Security company Sophos is reporting that the new spam-engine worm, Bobax.H, is enticing Windows users to open (and thus unleash) it by offering what it alleges to be pictures of a dead Saddam Hussein, supposedly killed during an escape attempt.

Targetting computers running Windows, Bobax.H is one of those breeds of Internet worm which not only mails itself to any addresses which it finds on an infected computer, but also disables security and anti-virus software, and installs an email relay, which allows the computer belonging to the hapless, unwary user to be used to relay thousands if not millions of pieces of spam.

Bobax.H is able to do its dirty work by taking advantage of the Windows LSASS vulnerability, which was first reported 10 months ago. A patch is available, but apparently enough Windows users don’t regularly update and patch their systems to make it worthwhile to release such a worm.

So, for your unpatched Windows users, and you know who you are – get the patch! It’s available [Page no longer available – we have linked to the archive.org version instead].

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

One thought on “Worm Entices Windows Users with Pics of a “Dead” Saddam Hussein

  1. I dont know if i have the same virus or not, but it did send itself to all my friends when i was connected, then it signed me off, when i tried to sign in again and type my email address the link automatically appears in the email address space and tries to sign but theres no password so it cant, but it seems to be a loop because it repeats itself… i have to press ctrl+alt+del and end messenger… i have tried many things to try to get rid of this virus but i cant… i dont know if it helps to give part of the link, but this is the last part “hanging_naked.php” thats all i know… Please help me

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.