First of all F-Secure would like to send its condolences and deepest sympathies to the families and friends of those who lost their lives in the terror attack in London.
After the 9/11 attack against the World Trade Center in New York we started to see malware that used the tragic events in an attempt to trick users into running malicious attachments. After only two weeks after the 11 september the e-mail worm W32/Vote.A@mm was found and exactly a year after the event another e-mail worm, W32/Chet@mm, was found. While Vote.A didn't spread very well the Chet worm was widespread and forced us to issue a F-Secure Radar 2 warning.
Unfortunately we've already found the first trojan that tries to exploit the London bombings. It's arrives as an attachment in e-mail messages looking like this:
The ZIP file contains the file ''London Terror Moovie.avi <124 spaces> Checked By Norton Antivirus.exe'. F-Secure detects the trojan as 'SpamTool.Win32.Delf.h' with the update [2005-07-11_01].