Warning: ‘Mitt Romney Almost President’ Is a Malware Attack, Not a CNN Alert

Don't let your computer get drafted to the botnet army!

SophosLabs reports that malware attacks tend to surge near major elections, and the most recent one is calculated to pull in anxious voters on either side of the political spectrum: a malicious email purporting to come from CNN, declaring “CNN Breaking News–Mitt Romney Almost President.”

In a post on their NakedSecurity blog, Sophos explains why no one should click a link from an email like this:

The links all follow the standard Blackhole exploit kit formula. The link in the email takes you to a page that directs you to some nasty JavaScript found on other sites controlled by the attackers.

Even if a user who follows those links is on a protected computer, Sophos reports that the hack then takes another step by trying to send users to a page that appears to be an innocent Adobe Flash update, but in reality tries to infect the victim’s computer with the same exploit.

Blackhole exploits are nasty. A few weeks ago Ars Technica explained how most Blackhole exploits work:

BlackHole is a widely-used, web-based software package which includes a collection of tools to take advantage of security holes in web browsers to download viruses, botnet trojans, and other forms of nastiness to the computers of unsuspecting victims. The exploit kit is offered both as a “licensed” software product for the intrepid malware server operator and as malware-as-a-service by the author off his own server.

Blackholes can essentially transform our friendly laptops into remotely-controlled members of a kind of zombie horde. Botnets can be used for all kinds of ugliness, including denial of service (DDoS) attacks.

SophosLabs expects similar shenanigans to continue until the election is over and possibly for months afterward.

Avoiding the malicious Mitt Romney email is easy: don’t click links in emails at all; go directly to the website that appeared to send the message. Recipients of this particular message should also ask whether it even makes sense: no major news outlet, certainly not CNN, would bother headlining a story that a candidate is “almost president” and calling it “breaking news.”

As is often the case with malicious emails or direct messages, common sense is the best defense.
