It seems like al Qaeda are the terrorists of choice for spammers. Just recently, spammed messages claiming to contain news on Osama bin Laden and the al Qaeda terrorist network were found by Trend Micro researchers. Now here’s another one, and it comes with a video.
The spam claims to be from El Comercio – a popular news site in Lima, Peru. It tries to lure users by placing a malicious link that supposedly leads to a video download of Al-Qaeda about their attempt to attack Peru last July 28, 2008.
Figure 1.1 Spam that claims to be from El Comercio
Aside from El Comercio, spammers also used CNN to lure users into clicking the malicious link. Below is a screenshot of the said spam email.
Figure 2.1 Spam that claims to be from CNN
Clicking the link to download the video opens an instance of the user’s Internet browser and prompts the user to save the file.
Figure 2.2 Displayed message upon clicking the link on spammed messages
The video file Video_amenaza+Al-Qaeda.exe is detected by Trend Micro as TROJ_DROPPER.ODZ
Users are already protected from this attack by the Trend Micro Smart Protection Network. Spam runs banking on current affairs are really, old news. But as long as people keep falling for them, spammers will keep on using them.