|
The
emails borrow language from the website of the Democratic
National Committee and seek to leverage interest in the U.S.
presidential election following the first televised debate
Tuesday between Republican President Donald Trump and Democratic
contender Joe Biden, said Sherrod DeGrippo, senior director of
threat research at Proofpoint.
The Word document attached to the spam contains miniature
programs known as macros that, if enabled by the recipient,
install a password-stealing program known as Emotet, DeGrippo
said.
"We know that attackers will use themes and current events in
the hopes of compromising people," DNC spokesman Chris Meagher
said. "The DNC takes cybersecurity seriously and encourages
everyone to be vigilant when opening emails and attachments to
protect themselves."
The emails come less than five weeks before the Nov. 3 election.
Some 30,000 emails had been sent with the DNC theme by early
evening on the East Coast, the Proofpoint researchers said.
The emails appear with different sender names and subject lines,
but all assert in the text that they are sent on behalf of the
DNC and ask for volunteers, declaring: "the way we win is by
organizing."
The attachment is sometimes titled “Team Blue Take Action,”
according to an email intercepted by Proofpoint.
DeGrippo said she believes the email senders are motivated by
money, not politics. “They want to get the most clicks.”
Emotet steals financial passwords and usually installs other
malicious programs that can be controlled remotely, among other
things enabling ransomware, DeGrippo said.
(Reporting by Joseph Menn; Editing by Greg Mitchell and Leslie
Adler)
[© 2020 Thomson Reuters. All rights
reserved.] Copyright 2020 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
|
|
