The Troj/Dloadr-ALM lurks in the email's .zip attachment

Aug 18, 2006 14:36 GMT

Experts at SophosLabs, Sophos's global network of analysis centers, have revealed in a press release that a malicious report of Silvio Berlusconi's death is being used in a Trojan-related attack. The source of the spammed emails is [email protected], and as part of the social engineering scheme the attacker uses various subject lines, including: "Berlusconi la morte", "Berlusconi di terrorismo", "Berlusconi Tragedia", and "Berlusconi di omicidio". The apparent news report claims that Berlusconi was killed by an Israeli soldier and carries an attached necfotos.zip archive containing a .gif picture and a malicious .pif file that, on execution, drops the Troj/Dloadr-ALM Trojan horse onto the victim's machine.

"The news report is - of course - false, and launching the PIF file will not show you a picture of Signor Berlusconi, but instead execute malicious code on your Windows PC," stated Graham Cluley, senior technology consultant at Sophos. "Hackers are exploiting the public's interest in politics, current events and breaking news to spread malware. Anyone unfortunate enough to run this program is running the risk of allowing hackers to gain access to their computer to spy, steal and cause havoc."

"This latest attack appears to be currently targeted towards Italian computer users, but it could spread its wings using other disguises in the future. Businesses have to learn that keeping anti-virus software up-to-date is essential," continued Cluley. "Regular anti-malware updates combined with sensible safe computing policies and strong email policy at the gateway reduces the risk of threats like this to a minimum."
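As an added illustration of the gateway email policy mentioned above (example code written for this page, not Sophos's product logic), the following Python check opens each .zip attachment of a message and reports members with directly executable extensions such as .pif. The extension list, the member names `foto1.gif` and `foto2.pif`, the addresses and the helper names are assumptions; the sample message is constructed and contains no malicious content.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed block list of extensions Windows runs directly; .pif is the one in this campaign.
BLOCKED_EXTENSIONS = {".pif", ".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js", ".lnk"}

def blocked_members(zip_bytes):
    """Return names of archive members whose final extension is on the block list."""
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
            for info in archive.infolist():
                name = info.filename.rstrip(". ")  # Windows ignores trailing dots and spaces
                dot = name.rfind(".")              # last extension wins: photo.gif.pif -> .pif
                if dot != -1 and name[dot:].lower() in BLOCKED_EXTENSIONS:
                    hits.append(info.filename)
    except zipfile.BadZipFile:
        hits.append("<unreadable archive>")  # fail closed: quarantine what cannot be inspected
    return hits

def scan_message(raw_bytes):
    """Map each .zip attachment name to the blocked members found inside it."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        filename = part.get_filename() or ""
        if filename.lower().endswith(".zip"):
            hits = blocked_members(part.get_payload(decode=True))
            if hits:
                findings[filename] = hits
    return findings

def build_sample():
    """Constructed sample: a zip holding a stub .gif and a text placeholder named .pif."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("foto1.gif", b"GIF89a")
        archive.writestr("foto2.pif", b"placeholder, not executable code")
    msg = EmailMessage()
    msg["Subject"] = "Berlusconi Tragedia"
    msg["From"] = "sender@example.invalid"
    msg.set_content("constructed test body")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="necfotos.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```

A gateway would quarantine any message for which `scan_message` returns a non-empty result; archives that cannot be parsed are reported as well, so they are held rather than passed through uninspected.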