Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    A new attack spreading BUZUS malware via Windows Live Messenger has been spotted. Trend Micro advanced threats researcher Loucif Kharouni spotted the messages spreading via the popular instant-messaging (IM) application, samples of which can be seen below.

    Click for larger view

    The text before the links are in French and tells users to click the link that follows. Some of these links made users believe that they were viewing a photo related to an accident that supposedly killed U.S. President Barack Obama. Others used domain names similar to legitimate sites like Facebook and YouTube.

    In reality, however, the links lead to malicious BUZUS variants detected by Trend Micro as TROJ_BUZUS.BTA and TROJ_BUZUS.BTB.

    Malware attacks using Barack Obama as social engineering bait date back to his 2008 campaign for the U.S. presidency. Previous attacks were seen both around his election (both for pharmaceutical spam and spreading malware) as well as around his inauguration.

    Trend Micro™ Smart Protection Network™ protects customers from this threat by blocking user access to the malicious websites that host the malicious files. It also detects and prevents the download of TROJ_BUZUS.BTA and TROJ_BUZUS.BTB via the file reputation service.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice