January 27, 2009

Malicious links on President Obama's website

First it's fake Barack Obama websites spreading malware now the REAL BarackObama.com website is responsible for pushing the stuff. To be clear, it's not President Obama's people pushing it, it's a registered user of their site. Attackers are using one of the sites features called Community Blogs to place malicious links on the site.

A recent attack that I looked at featured what appears to be a embedded video but when you click it you are redirected through a couple different sites finally to a site selling rogue/fraudulent security software and trojans.

Another unfortunate example of the dangers of Web 2.0 and while this technique of using blogs to spread malware is not new (Google dev site, Twitter, 2005, German Wikipedia) I expect to see it grow in popularity due to how effective it's proving. Oh joy.


No comments: