NEWS FROM THE LAB - Monday, January 8, 2007

Don't click on Saddam attachments Posted by Mikko @ 14:03 GMT

In a non-surprising move, malware writers are trying to exploit the publicity around the hanging of Saddam Hussein to their own advantage.

So far we've seen three different examples of malware using Saddam-related themes.


These are now detected as W32/Banload.BSW, W32/Banload.BSX and Trojan-Downloader.Win32.Delf.acc.

Two of these try to disguise their actions by opening up a YouTube page with the Portuguese search keyword "enforcado" (execution). More information is available in our descriptions: Banload.BSX, Banload.BSW and Delf.acc.