There is a new spam campaign going around, which pretends to be a breaking news story about the death of Russian President Vladimir Putin according to Sophos.
Embedded in the HTML email is a hidden script that exploits the ADODB.Stream vulnerability to secretly download the malicious Troj/Dloadr-ZP Trojan horse from a Russian website. The Trojan horse is designed to download further malicious code which could allow remote hackers to gain unauthorized access to the victim’s computer.
Although the link pretends to be that of a BBC News report, the user is really directed to another Russian website purporting to be the home of a construction firm focused on providing heating systems for apartments and advertising training seminars.
“It appears whoever sent this spam is trying to discredit the Russian firm in what we call a ‘joe job’. Users may think that the spam was purely an attempt to drive traffic to the construction company’s products and seminars, whereas in fact hackers are also using the opportunity to try and infect unprotected PCs,” says Graham Cluley.
Other recent spam campaigns of a similar nature feature subjects about Osama Bin Laden suicide photos, and the death of Arnold Schwarzenegger.