Global Computer Virus Hides In Photos Of Gaddafi's Death


First Posted: 21/10/11 14:01 BST Updated: 21/12/11 10:12 GMT

A global computer virus that hides in an email about Gaddafi's death has been detected by internet security firm Sophos. The malware was caught in its worldwide network of spam traps.

The scam email appears to be an official message from newswire service AFP with images of Gaddafi's body, but when users open the attachment, it infects Windows computers with malware.

A detected malicious email reads:

Subject: "Fw: AFP Photo News: Bloody Photos: Libya dictator Moammar Gadhafi's Death"

Message body:
"Libya dictator Moammar Gadhafi's Death
Libyan dictator Moammar Gadhafi, the most wanted man in the world, has been killed, the country's rebel government claimed Oct. 20. The flamboyant tyrant who terrorized his country and much of the world during his 42 years of despotic rule was cornered by insurgents in the town of Sirte, where Gadhafi had been born and a stronghold of his supporters."

"The death of Libyan dictator Colonel Gaddafi has almost inevitably resulted in cybercriminals taking advantage of the news story, and the general public's seeming interest in viewing ghoulish photos and videos of his last moments," said Graham Cluley, senior technology consultant at Sophos.

"As unlikely as the legitimacy of these emails may seem - in this case, the latest photos being forwarded to you in an email attachment - the news is often just too interesting for people to ignore. Internet users need to be sensible when it comes to a top news story, and not throw their security suspicions regarding links and unsolicited attachments out the window, in search of the latest revelations or shocking images."

PC users are advised to avoid opening the email and to update or apply their security settings.

Filed by Melanie Hick
 
 
petzl
Maker of Fine Climbing Equipment
07:57 PM on 11/02/2011
I don't get how the article author and none of the commenters here have pointed out that:
You do not, you CANNOT get viruses from photos or any other thing that's simple data.
The only way you can get a virus is if it's an executable, a program, that you run.

A photo, a text file, a simple email... you cannot get a virus from these. The attachment
has to contain some program that you actively run, to succumb to the virus.

(The only ambiguity here is, things you _think_ are data (like Word docs) are not safe, because
they can contain embedded macros, that are then executed.)

In the case of the Sophos/Qaddafi virus, it's not a "photo" that's the virus. It's an .RAR executable
masquerading as a photo collection. By calling the virus a "photo" it contributes to the ignorance
surrounding what is and is not dangerous on the Internet.

You should never run strange executables (especially on a Windows machine).
NoBlueDogs
FIGHT Offshoring!!!
07:23 AM on 11/03/2011
Please do a Google search on "Jpeg exploit". This is just one link you will find:

http://technet.microsoft.com/en-us/security/bulletin/ms04-028
http://techsalsa.com/what-is-jpeg-exploit-and-how-it-works/
12:24 AM on 11/04/2011
Images can contain malicious code [both GIFs and JPGs]!!!

Read this from McAfee [anti-virus software maker]:
6. Can JPEG, GIF, and other image files be infected?
Yes. Some software programs have vulnerabilities that contaminate JPEG files with malicious code. Contaminated JPEG files can carry or launch a virus, worm, or Trojan on unpatched systems.
http://www.mcafee.com/us/mcafee-labs/resources/threats-faq.aspx#6

And read this from PCWorld [the magazine]:
"Innocent-Looking GIFs Host Malware Attacks"
http://www.pcworld.com/article/133275/innocentlooking_gifs_host_malware_attacks.html
tooncesrocks
my micro bio is empty
03:22 AM on 10/26/2011
that's what you get for reveling in the torture of a living being
12:26 AM on 10/23/2011
..

At this point, if someone gets a computer virus, they deserve it.

.
HUFFPOST COMMUNITY MODERATOR
zelduh
Democrats: the REAL American patriots.
01:20 AM on 10/23/2011
You are so kind.
HUFFPOST SUPER USER
Howard53545
01:16 PM on 10/22/2011
One last blow from Gadalfi.
12:49 AM on 10/22/2011
"As unlikely as the legitimacy of these emails may seem"

Ah yes, because AFP so often sends me photos.
lindamom
never fry chicken in the nude
11:21 PM on 10/21/2011
Glad I didn't click on that one but I wouldn't. There is enough blood and gore in our world that we do see and I believe he is dead anyway. Sorry to all those who were too curious though.
Ayla87
Don't Delete Me Bro!
08:01 PM on 10/21/2011
It's hard for me to feel much sympathy for people with infected computers. Dictator or not, anyone who clicks a link expecting to see photos of someone after he's been shot in the head is sick.
tooncesrocks
my micro bio is empty
03:23 AM on 10/26/2011
agreed
PenguinLinux
got root ?
06:23 PM on 10/21/2011
HuffPo - Please correct this article because there isn't anything such as a "Computer Virus". There are viruses which affect operating systems, not computers. Most malware, viri, trojan horses, etc, are written for the Microsoft Operating System known as Microsoft Windows; so changing "Computer Virus" to "Microsoft Windows Virus" would be acceptable.

(Caveat: I used to consider Windows itself to be a virus, but I realized I was wrong because a virus actually does something.)
lindamom
never fry chicken in the nude
11:19 PM on 10/21/2011
Can't help but lol on this one as I was a boycotter of Windows until I HAD to use it. I loved Norton Commander - remember that? Such a monopoly when you have to use something because no programs will work without it. F&F.
PenguinLinux
got root ?
11:23 PM on 10/21/2011
Yeah, I remember Norton Commander. I use Midnight Commander sometimes on Linux. Thanks for the F&F :)
12:51 AM on 10/22/2011
Linux nerd whines about semantics, spergs out. Film at 11.
HUFFPOST SUPER USER
Lindstr7
06:09 PM on 10/21/2011
Why doesn't someone create a virus like that for pedophiles?
PenguinLinux
got root ?
06:21 PM on 10/21/2011
because in not only creating, but distributing such illegal images, they would be breaking the law in both cases.
12:50 AM on 10/22/2011
He didn't exactly suggest shooting real kiddy porn to embed it in, chief.
HUFFPOST SUPER USER
Lindstr7
06:15 PM on 11/06/2011
Never mind, they heard my plea. :)
edenooch
nefarious humor
05:06 PM on 10/21/2011
gaddafi was the virus
03:37 PM on 10/21/2011
Can somebody explain to me why people feel the need to spread viruses? I am fairly naive in the ways of the computing world...only been at it since 1994! This just absolutely makes me crazy! And now, last week I received a TSA from Microsoft of all people that there was a Windows virus SPREAD VIA WINDOWS UPDATES!
Is it all one big conspiracy to push everyone to buy smart TVs and eliminate the PC? Or is it the same thing only substitute smart phones for smart TVs? What do these people have against personal computing?
SMH...one more reason to find the highest bridge i can find and do a double somersault/double twist with a tuck.
HUFFPOST SUPER USER
cmr11
how do you want it
05:39 PM on 10/21/2011
i agree with you 100%. the only thing i can figure out is it's because there is money to be made from it. follow the money......... if you were an anti-virus software company you need a bad guy doing bad things to make money right? to sell your latest and greatest security software? look at all of the companies that make money from it and the picture becomes more clear.... it does for me anyway. carbonite backs up your hard drive for a price don't they? just in case something wipes yours out...... lots of people stand to gain from it.
HUFFPOST SUPER USER
floodberg
Attorney (ret.)
03:16 AM on 10/22/2011
CMR11, When that Kreiber bot hit verizon and the big companies, my AVG stopped it cold.  My best bud (also a lawyer) kept dissing it, he had Norton (as did all his friends), and it cost him a fortune to repair his system.  My friend lost his other system when he tried to use one of those 'repair your system' checks advertised on AOL...geeks on call heard what had happened, took a look and told him to bag the whole thing.
HUFFPOST COMMUNITY MODERATOR
zelduh
Democrats: the REAL American patriots.
12:58 AM on 10/23/2011
Usually, it is 16 year-old, pimply faced kids who are simply having fun.

However, that is not always the case. In 96-97, someone kept sending me brand-new virii via email from faked email addresses of friends and clients. (He apparently got a bunch of email addresses from someone I knew.)

I ended up on a first-name basis with an AV guy at Norton cuz the virii were not quite "in the wild" and he and his buddy at F-Prot/F-Secure in Europe liked figuring out the heuristics before their competitors even knew of the new virii.

It took me over a year, but (with the help of a couple hackers I met) I got him. He was a 24 year-old American guy, working for MCI in Baja California. Not only was the guy fired by MCI's CTO in a rather ignoble way, but the Mexican government arrested him and threw him in a Mexican prison for a while on claims of "corporate sabotage." (MCI was apparently a major tech supplier to the Mexican government at the time.)

I think it is MUCH harder these days to track bad guys like that, but it is not impossible. If I should ever have a problem again, I will try to enlist the aid of someone from Anonymous to track the sucker down. Since I am an all-Mac office, I am feeling pretty safe these days.
HUFFPOST SUPER USER
Domo Tronic
Digital Magician
03:11 PM on 10/21/2011
I thought huff was going to post said picture, and malware. I guess they're smarter than I thought..........