After yesterday’s Barack themed malware spam attack, it was no surprise this morning to find BarackOb.exe first in the queue for analysis. President Elect Obama is definitely the hottest name in malware right now, one of the unfortunate side effects of success. With his historic victory over Senator McCain still fresh in everyone’s mind, how many people would find themselves tempted to open a file this morning bearing his name and flying the US flag?
Malware writers and spammers alike are hoping that people just won’t be able to resist. In this case, opening the executable will leave you open to having your bank details stolen. The file, detected by Sophos as Troj/Bancos-BES, attempts to modify your hosts file, direct you to a bogus banking website and steal your credentials.
As ever, our advice is to take care over which files you run on your system. If you don’t know what it is or where it’s from, and especially if it has anything to do with the current hottest news, don’t touch it.