From Sophos - http://www.sophos.com/virusinfo/article ... email.html
Election night fright as hackers attack innocent users' bank accounts
Users are being warned not to click on links claiming that Tony Blair's email account has been hacked.
Experts at SophosLabsâ„¢, Sophos's global network of virus and spam analysis centres, have warned computer users to be wary of an email message that has been sent out in the early hours of Friday morning, claiming that British Prime Minister Tony Blair's email account has been hacked. The email message, has been spammed out to British email addresses during the night of the UK elections, which saw Blair's Labour party returned to office for a third term.
Sophos warns that users who click on the link contained in the email can be infected by a series of Trojan horses that aim to steal confidential information from infected PCs, and sensitive online banking account details.
The email arrives with the subject line:
BBC: Tony Blair email account hacked!
and the message body:
BBC: Tony Blair email account hacked!
Screenshot is here!
"Clicking on the link takes users to a website which invisibly installs a Trojan horse on the victim's computer. This Trojan horse then attempts to install other malicious code onto the infected computer and install password stealers which can be used by hackers for grabbing sensitive information and bank account details," said Graham Cluley, senior technology consultant for Sophos. "The computer underground knew that many in Britain would be following the latest political news this morning, and have deliberately created a bogus story about Blair's email account being hacked to lure people into clicking on their malicious link. Everyone should exercise extreme care about how they respond to unsolicited emails, and ensure their anti-virus and anti-spam software is kept up-to-date."
One of the Trojan horses, Troj/PWSAgent-A, attempts to steal INETCOMM server passwords, Microsoft Internet Explorer FTP passwords, Outlook account manager passwords, and POP3, HTTP and ISP email addresses. Other malicious code used in the attack includes Troj/JDownL-A, Troj/Viper-A, Troj/Viperjs-A and the Troj/Dumaru-BE banking Trojan horse.
"Curiously it appears that the people behind this election night hack attack may have made a small error. It appears that the email messages were supposed to display a photograph of Tony Blair from the BBC website to lend it credence, but an elementary mistake in their HTML coding has meant only the text of the message is displayed rather than a picture of the Prime Minister," continued Cluley.
Sophos experts have issued anti-virus updates to protect customers. Sophos PureMessage, Sophos's consolidated gateway protection against viruses and spam, already detects the emails as unsolicited spam.
In 2003, a different worm displayed a scathing attack on the policies of Tony Blair's government and attempted to launch a denial-of-service attack against the 10 Downing Street website.
Bertha