White House E-Card Spoof Steals Data

A Christmas e-card that claimed to be from the White House spread something other than cheer this past holiday season. The card actually continued a virus that stole documents from the computers of unsuspecting users.

The card, sent to an unknown number of people, many believed to be in government, was signed from the Executive Office of the President. Recipients who clicked on the link and opened the card.zip file caught a Zeus Trojan virus that snatched documents and passwords and uploaded the data to a server in Belarus, Network World reported on Monday.

The spoof stole more than 2 gigabytes of documents in Microsoft Word, Excel and PDF format, according to security expert Brian Krebs in a blog post.

Krebs said one of the victims was an employee at the National Science Foundation's Office of Cyber Infrastructure and the documents collected included hundreds of NSF grant applications for new technologies and scientific approaches. Another victim was an intelligence analyst in the Massachusetts State Police, whose documents might have recently received top-secret clearance.

For those tech geeks out there, Network Forensics has the coding of the virus on its blog.