Bin Laden 'suicide' virus recruits zombie army

A new Trojan horse called Hackarmy that claims to contain pictures taken by CNN journalists of Osama Bin Laden's suicide has been discovered by antivirus companies after it was posted on several internet newsgroups.

But, once the file is opened, it installs a Trojan horse that effectively recruits the infected machine into the author's zombie army, which can then be used to distribute spam or launch DDoS attacks.

Hackers and virus writers are trying different tricks to try and get people to download their malicious code, said Graham Cluley, senior technology consultant for Sophos.

"It seems this time the hacker has focused on the public's morbid curiosity and appetite for news on the war against terror," he said.

Richard Starnes, president of security industry group ISSA UK, congratulated Sophos for highlighting the issue because it will allow users to "install preventative measures" before the Trojan becomes a widespread.

Malware writers try to get email users' attention and persuade them to open attachments or click on links even if they have been told not to, Starnes said.

"Anna Kournikova, Catherine Zeta Jones and I Love You are all variations of a theme; they are trying to entice the user into doing something they know they often know they shouldn't do," he added.

Antivirus and anti-spam companies have updated their software to detect the Trojan, according to Starnes, so users need to make sure they have the most recent version of their software.

"It depends on how long [it takes for] antivirus and anti-spam companies [to] respond by releasing new signatures and how quickly the customers respond by downloading and installing them," he said.

Terrorism has been a popular theme amongst malware writers recently. Last week, a variant of the Atak worm was linked with an Al-Qaeda sympathiser who allegedly threatened to release an "uber worm" if the US attacked Iraq.

Munir Kotadia writes for ZDNet UK