The recently elected president of the United States, Barack Obama, is the subject of a malicious malware campaign designed to steal information from infected computers. Malware authors created a Trojan that exploits the high volumes of Web traffic around Obama, 60 percent of all spam messages using his name in what has become a globalized attack.  The most recent attack exploits users’ post-election curiosity with an e-mail that offers news about Obama’s victory and then offers the viewer a link that directs him to a video about Obama’s acceptance speech. In order to view the clip, users have to click on a link that will download the latest version of Adobe Flash Player.

Basically, once a user opens the link, he finds a file called adobe_flash.exe, a malicious Trojan downloader designed to distribute information-stealing software on unsuspecting victims. Afterwards, the compromised machine receives a RootKit that sends the user’s personal data to numerous command and control centers. Furthermore, the users’ computer is incorporated in a botnet, a network of computers programmed to perpetuate spam campaigns. The hackers registered about 15 to 20 domains yesterday in order to host the malware and fake site. All the domains are on so-called “fast flux” servers, where hackers switch domains between multiple IP addresses, in order to prevent their servers from being shut down.

It seems that this won’t be the last attack riding the wave of Obama’s fame. Other similar malware attacks have fooled people by using political figures such as Hillary Clinton, George Bush and others. The campaigns try to dupe users into installing a file posing as a video codec or player program. A nearly identical attack as the Obama one today took place last August, when malware attackers tried to convince users to install a fake version of Flash Player.