Hackers using Gaddafi news to send malware


by CBR Staff Writer| 24 October 2011

Email claims to be from 'AFP Photo News', offers 'bloody photos' of Gaddafi's death

Spammers and cybercriminals are using the death of Libyan dictator Muammar Gaddafi, and the Agence France-Presse (AFP) photos bait to trick Internet users into downloading malware

Computer security firm Sophos has warned that cybercriminals are spreading an email that looks like a forwarded message. The mails sometimes have "AFP Photo News" pictures of a bloodied Gaddafi.

"In reality, opening the attached file on a Windows computer puts PCs at risk of malware infection," Sophos said.

Sophos senior technology consultant Graham Cluley said the "death of Libyan dictator Colonel Gaddafi has almost inevitably resulted in cybercriminals taking advantage of the news story, and the general public's seeming interest in viewing ghoulish photos and videos of his last moments."

"Hackers have spammed out an attack posing as pictures of (Kadhafi's) death, tricking users into believing that they came from the AFP news agency and are being forwarded by a fellow Internet user," Cluley said.

Cluley added that the email claims to be from "AFP Photo News" and offers "bloody photos" of Gaddafi's death.

The subject in a detected email with malware reads: "Fw: AFP Photo News: Bloody Photos: Libya dictator Moammar Gadhafi's Death". While, the message body reads: "Libya dictator Moammar Gadhafi's Death

"Libyan dictator Moammar Gadhafi, the most wanted man in the world, has been killed, the country's rebel government claimed Oct. 20. The flamboyant tyrant who terrorized his country and much of the world during his 42 years of despotic rule was cornered by insurgents in the town of Sirte, where Gadhafi had been born and a stronghold of his supporters.

"Attached file: Bloody Photos_Gadhafi_Death.rar "

Sophos has said that Windows computer users who decompress the attached file are putting their PCs at risk of infection. The RAR archive file creates a malicious file called: "Bloody Photos_Gadhafi_Death\Gadhafi?rar.scr" warned Sophos.

AFP has said that it has sent no such email, and has urged Internet users to avoid opening the email and updating or applying their security settings.

Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

756 people like this.
0 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.