Macabre Milosevic malware mounts

Macabre Milosevic malware mounts


Death 'pics' used as a hook for malware intrusion

An IT security firm reported today that it has found nearly a million emails claiming to contain pictures of former Yugoslav president Slobodan Milošević's body.

However, the attachment contains a Trojan that could allow the writer full control of an infected system.

"Virus writers are playing on morbid human interest and using a high profile incident to cause as much damage as they can to businesses," said James Kay, chief technology officer at BlackSpider Technologies.

The Trojan, which was first seen at 19:00 on 14 March, was patched by the first antivirus vendor at 03:30 on 15 March and was named Trojan-Downloader.Win32.Small.cnk.

The malware enjoyed a window of exposure of eight and a half hours before it was patched.

"Newspapers and internet message boards are full of conspiracy theories as to how Slobodan Milosevic may have met his end, and this Trojan exploits interest in the news in an attempt to fool people into infection," said Graham Cluley, senior technology consultant at Sophos.

"Hackers are taking advantage of the public's morbid curiosity and appetite for breaking news in their desire to infect and compromise computers."