I would have written about this at the end of last week, but I was fortunate enough to take a long weekend holiday in Italy watching the craziness of the Palio in Siena. Anyway, as we’ve been covering other aspects of the Georgia-Russia cyberspace conflict (such as denial-of-service attacks, website defacements, and malicious spam posing as news reports), it seems worth documenting this one too.
The emails, clearly not originating from a supporter of the government of Mikheil Saakashvili, claim that the Georgian leader has been caught in a homosexual video. Even those who think the story highly unlikely might assume that the video is a joke, or a piece of juvenile but topical satire, and risk following the link.
Clicking on the link, however, leads the unsuspecting user not to a blurry videotape capable of scaring Tuscany’s finest racehorses, but to a Trojan horse: Troj/FakeAV-BP.
Customers who have deployed Sophos’s anti-spam products at their gateway were proactively protected from receiving the spam messages in the first place.