Spam Data Mine Uncovers Russian-Georgian Escalation

Article ID: 543526

Released: 15-Aug-2008 1:15 PM EDT

Source Newsroom: University of Alabama at Birmingham

Newswise — The UAB (University of Alabama at Birmingham) Spam Data Mine is seeing new escalations in the so-called "Russian-Georgian Cyber War". More than 500 e-mails were received in a 90 minutes period this morning at UAB claiming to be a BBC story revealing that Georgian President Mikheil Saakashvili is homosexual.

"Clicking on the headline or the image, which is really being loaded from the BBC Web site, will take e-mail readers to a virus-laden Web page," said Gary Warner, UAB Director of Computer Forensics Research. "The danger is that almost no anti-virus products detected this virus when it began to be distributed this morning. Only 4 of 36 anti-virus products knew that this was a suspicious file in our tests this morning."

Warner points out that this virus is absolutely not related to the previous "news headlines" spam, which included the CNN campaign, and the still on-going MSNBC campaign, which Warner was the first to detect and report.. By volume, the MSNBC spam is about three times as prominent as the new BBC/Georgia spam, according to his statistics.

"Several of the computers being used to send the new spam campaign are in Russia, including at least one computer owned by the Federal Agency of Education." Warner said. Does this indicate a "Cyberwar?" Warner said far more likely is what was seen in Estonia: Russian youth activists organizing cyber attacks and cyber propaganda out of misplaced expressions of patriotism.

"These spam messages serve a dual purpose, a propaganda attack against Georgia, while adding compromised hosts to botnets controlled by pro-Russian individuals," Warner said.

More information is available on Warner's blog, CyberCrime & Doing Time:

View related video at

NOTE: WE ARE THE UNIVERSITY OF ALABAMA AT BIRMINGHAM, not to be confused with the University of Alabama, which is a completely separate university. Please use our full name on first reference and UAB thereafter. Thank you " Deb Lucas


Chat now!