Russian-Georgian Cyber War Continues?!

News

Contributed by: Aurelija Skurvydaite
Date: August 18, 2008

	2 Vote 0	Russian-Georgian Cyber War Continues?!

War attacks between Georgia and Russia continue not only in real life but in the cyber world as well. This time, Spam Data Mine of the University of Alabama at Birmingham (UAB) reports about a new flow of spam attacks the look of which is similar to the recent CNN and MSNBC spam campaigns. In short, this new attack in the so called "Russian-Georgian Cyber War" aims to mock Georgia's president and infect users' computers by attracting their attention claiming that Mikheil Saakashvili is homosexual.

The first rather poorly worded spam messages were recorded by the Spam Data Mine of the UAB early on Friday morning. More than 500 such messages were received in the 90-minute period. Gary Warner, a director of computer research and forensics at the university, notes that by volume the MSNBC and CNN spams are about three times as prominent as the new BBC/Georgia spam. However, it should be added that the new Georgian spams are unrelated to the recent CNN and MSNBC spams.

Three noted subject lines of these emails are the following BBC NEWS, Weekly BBC NEWS and Your Subscription. Some of the most popular headlines of the messages include: Mikheil Saakashvili gay scandal! New of this week!; Saakashvili have a funny woman organ (pu..sy)! see it!; Funny Saakashvili gay video...See now! Sensation!; Sensation! President of Georgia... GAY! See now!; Last news! Saakashvili (president of Georgia) the gay!; President of Georgia - intim (GAY) video! see now!.

Each spam message contains a link to the story about Georgia's president and an image from the BBC. Warner warns users that clicking on the headline or the image will take them to a malicious Web server that then will, most probably, infect users' computers. The terrifying fact here is that at the moment only 4 out of 36 anti-virus products (namely eSafe, Ikarus, Norman and Webwashwer-Gateway) marked the "name.avi.exe" as suspicious.

So far these emails have been received from more than 40 IP addresses. None of them have been associated with spam attacks earlier. Warner noted that "Several of the computers being used to send the new spam campaign are in Russia, including at least one computer owned by the Federal Agency of Education." Although the spammers seem to be setting up a botnet, the ultimate use of this network remains unclear. Warner speculated that it could be used to launch further cyber-attacks against Georgian government computers.

Resources:

New BBC Spam Mocks Georgia's President and Spreads New Virus
Spam Data Mine Uncovers Russian-Georgian Escalation
Anti-Georgia Spammers Building New Botnet

User Comments

Top 10 Malware Threats

1.	Security Monitor
2.	Win 7 Home Security
3.	AV Protection 2012
4.	Cloud AV 2012
5.	System Fix
6.	Privacy Protection
7.	System Security 2012
8.	Duqu Trojan
9.	Windows Monitor
10.	PC Shield 2012

Most searched files

1.	vprot.exe
2.	GameXNGO.exe
3.	setup.ovr
4.	RosebudMUI.msi
5.	fp_ax_cab_installer.exe
6.	phoenix.exe
7.	InfDefaultInstall.exe
8.	AcroPro.msi
9.	FlashUtil11c_ActiveX.exe
10.	WinBootstrapper.msi

Newest files

1.	FlashUtil32_11_2_202_228_ActiveX.exe
2.	sisnicxp.sys
3.	NTIDrvr.sys
4.	int15.sys
5.	anbmServ.exe
6.	E_FATIADA.EXE
7.	HP_IZE.exe
8.	viaagp1.sys
9.	SISAGPX.sys
10.	R8139n51.SYS

Home Tips Downloads Videos Files Virus list Vulnerabilities

Home > Viruses Through Email > Russian-Georgian Cyber War Continues?!