No, the BBC isn’t telling you about a gay video of the Georgian President

Graham Cluley

I would have written about this at the end of last week, but I was fortunate enough to take a long weekend holiday in Italy watching the craziness of the Palio in Siena. Anyway, as we’ve been covering other aspects of the Georgia-Russia cyberspace conflict (such as denial-of-service attacks, website defacements, and malicious spam posing as news reports) it seems worth documenting this one too.

Following earlier malware campaigns posing as breaking news reports from CNN and MSNBC, we saw spam at the tail end of the week pretending to come from the BBC.

The emails, clearly not originating from a supporter of the government of Mikheil Saakashvili, claim that the Georgian leader has been caught in a homosexual video. Even recipients who think the story is highly unlikely might assume that the video is a joke, or a piece of juvenile but topical satire, and risk following the link.


Clicking on the link, however, leads the unsuspecting user not to a blurry videotape capable of scaring Tuscany’s finest racehorses, but to a Trojan horse: Troj/FakeAV-BP.

Customers who have deployed Sophos’s anti-spam products at their gateway were proactively protected from receiving the spam messages in the first place.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.
