Sick virus writers are exploiting the bombing in London last week in order to propagate malicious code.
The virus, which affects Windows-based computers, claims to have a link to a website that shows amateur footage taken just after the blasts that affected three tube trains and a bus last Thursday. Clicking on the link allows the attacker to remotely control the affected computer.
According to email security company Messagelabs, the email is designed to look like a CNN newsletter and is entitled “TERROR HITS LONDON”. It also has a file attached called “London terror moovie.avi”. The trojan modifies a registry key so that it automatically starts every time the machine is rebooted and looks for a list of SMTP servers the machine uses and attempts to send large numbers of spam through those servers.
Alex Shipp, senior anti-virus technologist at Messagelabs said the people behind the virus were criminals taking advantage of people’s curiosity.
“We often see a lot of opportunists taking advantage of breaking news stories to send out viruses,” said Shipp. “They are criminals hoping to take control of people’s machines in order to send out loads of spam.”
He said virus writers create the infected email and then wait for a suitable event to happen before releasing it onto the internet.
Criminals used similar tactics last month with a mail claiming Michael Jackson had attempted suicide.