No, the BBC isn’t telling you about a gay video of the Georgian President

Graham Cluley

I would have written about this at the end of last week, but I was fortunate enough to take a long weekend holiday in Italy watching the craziness of the Palio in Siena. Anyway, as we’ve been covering other aspects of the Georgia-Russia cyberspace conflict (such as denial-of-service attacks, website defacements, and malicious spam posing as news reports) it seems worth documenting this one too.

Following earlier malware campaigns posing as breaking news reports from CNN and MSNBC, we saw spam at the tail end of the week pretending to come from the BBC.

The emails, clearly not originating from a supporter of the government of Mikheil Saakashvili, claim that the Georgian leader has been caught in a homosexual video. Even those who think the story highly unlikely might assume that the video is a joke, or a piece of juvenile but topical satire, and risk following the link.

Clicking on the link, however, leads the unsuspecting user not to a blurry videotape capable of scaring Tuscany’s finest racehorses, but to a Trojan horse: Troj/FakeAV-BP.

Customers who have deployed Sophos’s anti-spam products at their gateway were proactively protected from receiving the spam messages in the first place.



Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy.