Trojan horse using Virginia Tech tragedy as bait
Another reason why spammers and malicious code writters should be subject to corporal punishment.

Spammers and hackers are using the slayings at Virginia Tech as a gory lure to infect computers with malicious software, security experts noted Thursday.

While the video made by gunman Cho Seung-hui prior to the killing of 33 people on Monday was widely posted on news Web sites and YouTube.com, spam e-mails were intercepted Wednesday night purporting to link to the footage on a Brazilian Web site, said Graham Cluley, senior technology consultant, at security vendor Sophos PLC.

If clicked, the link caused a computer to automatically download a malicious screensaver, called TERROR_EM_VIRGINIA.scr by Sophos, which installs a Trojan horse program that collects banking details, Cluley said.

It's unclear yet what banks the Trojan is engineered to exploit, Cluley said. Sophos has posted a screenshot of the spam.

The e-mails are unlikely to mean much to English speakers since they're written in Portuguese, Cluley said. But hackers have repeatedly used breaking news events to try to trick users into opening malicious programs.

"We might see other hackers jump on the coattails of this," Cluley said.

Read all about it here, courtesy of pcworld.com

Eric