Hackers exploit political biases to bait users to click malware
WASHINGTON — Malicious software makers are increasingly turning to a new target to get you to click: your favorite politician.
The “Donald Trump Screen of Death” or a dancing Hillary Clinton are just some of hundreds of political-themed malware programs that are circulating on the internet, Cisco Talos cybersecurity experts said in a blog post this month. The programs vary in severity, from a nuisance that can be clicked away to malware that can hack a corporate network.
It’s the latest iteration in our political world, preying on an partisan population that expects people to click according to their views, experts say. It also draws upon the already popular nature of sharing memes and other potentially biased information on social media.
“No one really factchecks a meme — that would be pretty silly — so information can be shuttled in the same sort of way,” said Heather Suzanne Woods, an assistant professor at Kansas State University and coauthor of the book “Make America Meme Again: The Rhetoric of the Alt-Right.”
As the 2020 U.S. presidential election draws near, cybersecurity and social media experts are worried about the potential fallout related to a divided country. Already, Russia and other foreign nations have been working to take advantage of bias with disinformation campaigns, something they did during the 2016 U.S. election.
Malware is banking on a similar bias, experts say, incorporating political names and images to try to get people to click.
Malware has used these tactics for years, and experts warn that it could get worse over the holidays.
Craig Williams, director of outreach at Cisco Talos, the threat intelligence division of the technology conglomerate, says that with the 2020 election approaching, malicious software creators will target those in the holiday spirit via email or a social media link.
But those clicks come at a cost. Malware can be used to extort money or hack into a network. It can also install a havoc-wreaking update.
Even malware that appears to just be obnoxious can sometimes mask a more nefarious purpose.
Danny O’Brien, director of strategy for the Electronic Frontier Foundation civil liberties group, says malware-infected devices can be used for a wide range of criminal activities.
A program that allows access to an individual’s contact list can create fodder for a “spear-phishing” campaign, like the one that preceded the hacking of Democratic Party networks in 2016. Hackers used official-looking emails to steal passwords from staffers and access opposition-research material.
And they’re targeting victims across the political spectrum.
Cisco Talos researchers identified an “Obama Injector” that inserts code into a victim’s device to hide a hacker’s actions. “Putin Lockware 2.0” creates a screen that is difficult for the user to exit and demands a ransom payment in exchange for removal of the program. There’s also “Dancing Hillary,” which allows the user to control a dancing Clinton animation, though the purpose of the program is unclear.
O’Brien says malware with such an exaggerated political focus is more likely to be authored by petty thieves than a state-sponsored agent. Still, such programs can harm the political process regardless of the intent of the creator.
“What national experts in the previous election saw was that removing trust in the process itself was as important a goal as steering people to a particular candidate,” O’Brien said.