– At least 40 sites are falsely announcing Barack Obama’s resignation as President of the United States

– Users are asked to download a file to read the story. If the do, they will unknowingly download several malicious files to their computers

– These files turn the infected computer into a ‘zombie’ computer remotely controlled by cyber-crooks


PandaLabs, Panda Security’s malware analysis and detection laboratory, has detected 40 websites that are using Barack Obama, President-elect of the United Status, as bait to spread malware.

These pages contain the following headline: “Barack Obama has refused to be a President”

If users try to read the article a dialog box is displayed asking them to download a file. However, if they do so, a number of malicious files will be downloaded to their computers. These files turn the affected computer into a ‘zombie’ computer remotely controlled by cyber-criminals. Image here: http://www.flickr.com/photos/panda_security/3209435502/

“These zombie computers are normally networked to form ‘botnets’, as the malicious code that allows remotely controlling them is called ‘bot’. Botnets are then hired by cyber-crooks to third-parties that use zombie computers with malicious purposes such as sending spam or launching denial of service attacks”, explains Luis Corrons, Technical Director of PandaLabs.

According to PandaLabs, the attack seems to come from China, as all domains have been bought to a Chinese company with a long record of malware attacks.

This is not the first time that Barack Obama is used by cyber-criminals to distribute malware. Even during the presidential campaign and the days that followed the election, false news stories circulated that led to malware downloads.

For more information about this attack, go to the PandaLabs blog (https://pandalabs.pandasecurity.com/archive/Malware-Campaign-Impersonates-Barack-Obama_2700_s-Website.aspx).