Trojan Spreads in Michael Jackson Spotlight

British anti-virus firm Sophos says hackers are slamming computers around
the world with a Trojan virus by sending e-mails claiming Michael Jackson has
tried to kill himself.

The massive spam campaign preys on people’s curiosity with the “King of
Pop” and the huge interest recently generated with his on-going child abuse
trial.

The e-mail, with the subject line “Re: Suicidal aattempt,” is
loaded with spelling errors and contains a link to a bogus suicide note.

The message reads: “Last night, while in his Neverland Ranch, Michael
Jackson has made a suicidal attempt. They suggest this attempt follows the
last claim was made against the king of pop. 46 years old Michael has left
pre-suicid note which describes and interpretes some of his sins. Read
more…”

The linked site contains a Trojan program known as Troj/Borobt-Gen and
quickly installs malware onto the computer via a patchable flaw in Internet
Explorer, according to Sophos.

“If you click on the link, the Web site displays a message saying it is too
busy, which may not surprise people who think it might contain genuine
breaking news about Michael Jackson,” Carole Theriault, security consultant
at Sophos, said. “However, this is a diversionary tactic, because behind
the scenes, the Web site is downloading malware onto the user’s computer
without their knowledge.”

Infected computers become part of a network that can be used to generate
spam or take part in online Denial-of-Service attacks, according to Sophos.

It is not the first time hackers have taken advantage of Jackson’s
notoriety. In 2004, malicious coders pushed the Hackarmy Trojan to an
unsuspecting public by sending e-mail offering video footage from Jackson’s
home videos.

“The sick minds behind viruses and other malware often exploit celebrity
names and news stories in an attempt to infect as many people as possible,”
Theriault said. “All computer users should be very careful about clicking on
Web links in unsolicited e-mail or launching unknown attachments.”

Sophos recommends companies automatically update their corporate virus
protection, and filter attachments that may contain malicious code at the
e-mail gateway with a consolidated solution to defend against viruses and
spam.

News Around the Web