Obama-related spammed trojan propagating worldwide

Several security companies including F-Secure, Sunbelt, and my employer Cloudmark (disclosure) are reporting a large volume of Obama-related spam that links to malware. This is just the latest twist on the long-running theme of social engineering end users into installing web-based malware.

The lures consist of e-mails with subject lines like:

Obama win preferred in world poll Can Obama win popular vote but lose election? New president's Will American Voters Elect a Black President Election Night Results

The message body does not vary much:

Barack Obama Elected 44th President of United States

Barack Obama, unknown to most Americans just four years ago, will become the 44th president and the first African-American president of the United States. Watch His amazing speech at November 5!

Proceed to the election results news page>>

2008 American Government Official Website This site delivers information about current U.S. Foreign policy and about American life and culture.

Jamie Tomasello, manager of the security operations center at my employer Cloudmark (disclosure) has estimated the prevalence of this particular spam strain to be on the order of tens of millions. Given the lure's low rate of content mutation, anyone with a decent spam filter should be able to catch the spam.

As I have said before, the malware-lure style spam will likely never go away. The snap desire innate in all of us to look at alarming news will always provide an opportunity for attackers to exploit desktop systems. Our only chance at preventing this style of attack in the future is solid anti-spam and a massive improvement in the state of anti-virus technology as it exists today.