That certainly didn't take long, did it? 

Just hours after Barack Obama was projected by all of the major news outlets to become the 44th President of the United States, cyber criminals have already launched a link-based malware campaign using Obama as a lure.  Uncle Sam wants you to vote.  Spammers want you to join their botnets!

As with most effective malware campaigns, timeliness is everything.  From what we are seeing so far, the social engineering tactic being used coupled with the interest of the election and its outcome, high volumes of this tactic are already being observed as many users are being tricked and infecting their PCs with this malware which will be used to send out more of this type of spam.

Starting at about 8am MST this morning we started to see messages come into our spamtraps purporting to be from various credible news organizations using from addresses like news@bbc.com, news@cnn.com, election@usatoday.com, among others.  The emails have subject lines such as "Barack Obama Wins", "Election Night Results", and "Fear of a Black President".

The messages themselves vary a bit, but the basic premise is the same across the different variants that we have observed so far.

Here is one sample:

-----------------------------------------------
Barack Obama Elected 44th President of United States

Barack Obama, unknown to most Americans just four years ago, will become the 44th president and the first African-American president of the United States.
Watch His amazing speech at November 5!

Proceed to the election results news page>>

2008 American Government Official Website
This site delivers information about current U.S. Foreign policy and about American life and culture.
------------------------------------------------

As usual, note the grammatical errors.

The link in the message brings the user to a look alike news web site which alleges that the user must download an updated version of flash to view the video of Obama's speech:




Clicking on the download link attempts to download a file called adobe_flash9.exe, which contains the malware.

If early indications are any result of future success, this campaign is going to be a success, but won't win the popular vote (ok, sorry for my bad political humor).  In the first 2 hours we have already seen almost 1M of these messages (over 350k in the 8am MST hour and over 600k in the 9am hour). 

The folks over at Websense reported another Obama malware campaign in Spanish.  This, however appears to be a very low volume, targeted campaign.  We have seen less than 50 of these total, but it underlines the fact that cyber criminals are definitely jumping on the post-election bandwagon and doing it in a big way.  Strangely enough, if this trend continues we might see more post-election spam than we saw pre-election.  Who would've expected that?