A worm that uses Saddam Hussein as a lure is doing the rounds, warn security experts.
The Bobax-H worm claims to contain photographic evidence that Hussein has been killed following an attempted escape bid from custody, says Netxactics CEO Brett Myroff.
"The Bobax-H worm spreads both via e-mail and using a Microsoft security vulnerability in the style of the infamous Sasser worm."
Users who run the attached file on a Windows computer risk infecting their PCs.
The worm attempts to disable the user`s anti-virus and security software and mail itself onto other addresses on the infected machine. It could also turn the user`s computer into a spam-generating machine, says Myroff.
"The worm will try to install an e-mail relay module, which can be used by external hackers for sending unsolicited mail."
A typical infected e-mail comes with the following message text: "Saddam Hussein - Attempted Escape, Shot dead. Attached some pics that i found". However, the worm can carry a host of different messages, with some versions also claiming to contain pictures of a captured Osama Bin Laden, says Myroff.
"Many people these days use the Internet to keep abreast of the latest breaking news stories, and it is these individuals that worms like Bobax-H are trying to infect."
People who launch unsolicited attachments without thinking are walking straight into the hands of malicious virus writers and spamming gangs, he adds.
Anti-virus vendor Trend Micro rates the worm as a low threat at present, although worms that make use of topical information always carry a potential to spread.
The Bobax-H worm exploits the same LSASS vulnerability first reported by Microsoft on 13 April 2004 in Microsoft Security Bulletin MS04-011, and later exploited by the widespread Sasser worm, says Myroff.
"There`s really no excuse for computers still to be suffering from this Microsoft security vulnerability 10 months after a fix was first made available, as so many major viruses have tried to take advantage of it."
Related stories:
Worm rides Tsunami
Beware Bin Laden suicide virus
Share
