Spammers seeking "volunteers" to DDoS White HouseCybercriminals have begun to capitalize on the vehement debate in the country over health care reform, sending spam targeted at opponents of President Obama, according to email security vendor Proofpoint.
The emails, which claim to enable users to participate in a distributed denial of service (DDoS) attack against the president's website, come with the subject line “Here you can buy DDOS.” The body of the email says “If you don't like Obama come here, you can help ddos his site with your installs.”
Contained in the body of the message is a link that takes users to a site where they can download the supposed cyberattack tool, Keith Crosley, director of market development for Proofpoint told SCMagazineUS.com on Tuesday.
It's not clear if the download will actually be used to launch an attack against the White House website, Crosley said. What's evident though, is that the download is actually some form of malware.
The download site informs users that their anti-virus software might detect and disable the software. The site instructs users that if this happens, they should return to the site and download an update, Scott Panzer, lead data engineer at Proofpoint told SCMagazineUS.com on Tuesday. In addition, there are several other spam campaigns, including pornographic themed messages, being used to draw users to the same malware site, Panzer said.
“Typically, this is software that connects a machine to a botnet,” Panzer said.
Once a user is infected, their machine will be turned into a zombie that could potentially be used in a cyberattack, but will more likely be used to send spam, Sam Masiello, vice president of information security at messaging security firm MX Logic (which was recently acquired by McAfee) told SCMagazineUS.com on Wednesday.
This spam campaign illustrates the recent cybercriminal trend of “political hacktivism” that will likely continue in the future, Masiello said.
In late December, Muslim hackers launched a massive cyberattack, defacing more than 300 Israeli websites. A similar incident occurred in response to the contested presidential election results in Iran this June when political hacktivists launched DDoS attacks against Tehran government websites and used Twitter to encourage others to do the same.