http://www.theaustralian.news.com.au/story/0,20867,21257632-1702,00.html AAP February 20, 2007 EMAIL hackers are using a fake news alert claiming Prime Minister John Howard suffered a heart attack in an attempt to steal personal information from Australian PC users. The email features a news report falsely claiming to come from The Australian newspaper's online edition and which includes links to malicious websites. The news report, which is written in less-than-perfect English, claims the Prime Minister had suffered a heart attack and that surgeons were working to save his life. "The Prime Minister of Australia, John Howard have (sic) survived a heart attack," the email reads. "Mr Howard, 67 years old, was at Kirribilli House in Sydney, his prime residence, when he was suddenly stricken. "Mr Howard was taken to the Royal North Shore Hospital where the best surgeons of Australia are struggling for his life." Anyone clicking on links on the bogus report risks importing a virus. The Australian Computer Emergency Response Team (AusCERT) said today it was not yet clear how many systems had been infected. However, the virus, first reported yesterday, resembles previous attacks on Australian PCs. Last year, a trojan virus known as Haxdor accompanied an email claiming the National Australia Bank had gone bankrupt. Nationally, Haxdor infected about 10,000 systems over a period of several months. MacLeonard Starkey from AusCERT said the John Howard email was part of a broader trend in spamming that used topical events to suck in a broad mass of victims. "Everyone that loves him wants to click on it, everybody that hates him wants to click on it, so it's a fairly good all round one," Mr Starkey said. Once installed, the program is able to log any keyboard sequences or mouse clicks that a user may enter - including personal identification numbers used on bank websites - and change security settings. "It basically means some attacker, somewhere can do whatever they like on your system," Mr Starkey said. AusCERT is uncertain of the email's origin but says such viruses are increasingly originating in China. ______________________________________ Subscribe to the InfoSec News RSS Feed http://www.infosecnews.org/isn.rss
This archive was generated by hypermail 2.1.3 : Mon Feb 19 2007 - 23:18:56 PST