AusCERT, the national Computer Emergency Response Team for Australia, reported on Friday that a series of malicious emails falsely reporting the death of Australian Prime Minister John Howard have been recently distributed.

The recent emails have been reported to contain a variety of subject lines, including:

John Howard Tragedy
John howard funeral
John howard necrologue
John howard murder
John howard terrorism

Similar emails appear to be targeting Italy and the UK with messages reporting their government leaders’ assassination. The emails include a zip attachment containing a malicious file that installs a Torpig trojan designed to steal online banking credentials, according to AusCERT. “Torpig (also known as Sinowal or Anserin) is a sophisticated credential capturing trojan which uses stealthing (rootkit) techniques, can disable anti-virus products and can inject arbitrary content into legitimate web pages. Further information on this malware is available from anti-virus vendors.”

AusCERT further advises that system administrators consider monitoring their proxy logs or blocking access to the following URLs that the Trojan connects to:

h**p:// zhmbscwdgk, biz
h**p:// rafer71, com
h**p:// sacromento, net
h**p:// 81.95, 147.41

Note: the malicious URLs have been altered to avoid accidental clicking.

We at PCSecurity.com.au are assured that Prime Minister John Howard is alive and in
good health.