The Latest in IT Security

US Election used as malware smokescreen


At first glance this looked like a “standard” email-malware attack.  As with many similar attacks the email pretends to be carrying an eticket attachment – this time from Delta.  The zip file holds executable malware.  In case we weren’t sure this is malware here are some of the giveaways:

  • The “flight” predates the email by about 2 months (August 2012)
  • Delta doesn’t fly to Corpus Christi (OK, I had to look that one up.)
  • The very curt instructions: “you can print your ticket”
  • It’s Delta not “Delta Air Lines”

At this point we would normally just file this as “eticket-email-malware”.

But wait. There’s more

There is text following that last line.  It’s in a white font and so does not appear on most recipients’ screens.  It reads:

  • US runs a 4th straight $1 trillion-plus budget gap
  • Obama team promises more aggressive president in second debate
  • Feisty Biden gives Democrats a reason to smile
  • Video: Issa: Budget cuts not issue in Libya attack
  • Obama team promises more aggressive president in second debate

In other words legitimate looking text designed to convince spam filters that this email is somehow genuine – and what could be more legitimate and genuine that the upcoming US election.  If you used a blue background on all of your screens (and we’re sure you don’t) then you would have seen it immediately.

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments