Sponsored By

ID Thieves Dupe Users With Saddam Execution Video

F-Secure has tracked three different pieces of malware that use a Saddam theme to download a spyware keylogger that steals online bank account passwords.

Gregg Keizer

January 8, 2007

1 Min Read

Trojan horses piggybacked on messages that claim to include video clips of Saddam Hussein's execution are circulating, Finnish security company F-Secure said Monday. The tactic is typical of hustlers and cybercriminals, said F-Secure, which called the appearance of the malicious Hussein spam "a non-surprising move."

So far, F-Secure has tracked three different pieces of malware that use a Saddam theme. Two of them—Banload.bsw and Banload.bsx—try to disguise themselves by opening a YouTube search result page that shows hits from a keyword in Portuguese: "enforcado" (execution). All three exploits are in fact Trojans that download a spyware keylogger that steals online bank account passwords.

Hussein has been invoked several times by scammers in the past. Nearly two years ago, spam said to include pictures of Saddam after he'd supposedly been shot dead while trying to escape U.S. custody actually harbored the Bobax.h worm. Shortly after that, Nigerian fraudsters tried to dupe recipients into parting with their money by offering a share of the private fortunes of Hussein and his closest aids.

Video of Hussein's execution was captured on a cell phone and widely distributed on the Internet and via mobile networks after the former Iraqi dictator's hanging on Dec. 30.

About the Author(s)

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights