Malware attack poses as bloody photos of Gaddafi's death

Filed Under: Malware, Spam

GaddafiThe death of Libyan dictator Colonel Gaddafi has almost inevitably resulted in cybercriminals taking advantage of the news story, and the general public's seeming interest in viewing ghoulish photos and videos of his last moments.

Malicious hackers have spammed out an attack posing as pictures of Gaddafi's death, tricking users into believing that they came from the AFP news agency and are being forwarded by a fellow internet user.

A typical message looks like this:

Gaddafi malware attack

Subject: Fw: AFP Photo News: Bloody Photos: Libya dictator Moammar Gadhafi's Death

Message body:

Libya dictator Moammar Gadhafi's Death

Libyan dictator Moammar Gadhafi, the most wanted man in the world, has been killed, the country's rebel government claimed Oct. 20. The flamboyant tyrant who terrorized his country and much of the world during his 42 years of despotic rule was cornered by insurgents in the town of Sirte, where Gadhafi had been born and a stronghold of his supporters.

Attached file: Bloody Photos_Gadhafi_Death.rar

Windows computer users who decompress the attached file are putting their PCs at risk of infection. The RAR archive file creates a malicious file called:

Bloody Photos_Gadhafi_Death\Gadhafi?rar.scr

Sophos anti-virus products detect the malware proactively as Mal/Behav-103.

Although there has been much speculation in the media about the possibility of Gaddafi-related malware attacks and scams, this is the first one that I've seen since the death of Gaddafi made news headlines around the world yesterday.

Internet users would be wise to remember to be very careful about the links they click on, and to be suspicious of unsolicited attachments.

, , , , , , ,

You might like

2 Responses to Malware attack poses as bloody photos of Gaddafi's death

  1. steve · 1412 days ago

    what's new, the spammers always latch onto big news like this, what is daft is when they proport to have videos of celebrity deaths which were not filmed like Amy Winehouse, always make sure what they are saying actually makes sence before you click and view world news on trusted sites like BBC or CNN

  2. WippyM · 1412 days ago

    Why would they have the urge to view such a dodgy e-mail attachment so hastilly when:
    1 - They can view such pictures on current news paper covers (shocking, right?)!
    2 - As a bonus, YouTube offers the last moments of Gaddafi's life, FOR FREE!
    Still, it's madness.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley