A worm that seeks to tempt Windows users into infection by promising "death pictures" of Saddam Hussein has begun doing the rounds on the net. The Bobax-H worm offers up infected email attachments posing as “photographic evidence” that the former Iraqi dictator has been killed during an attempted escape bid from custody. Bobax-H also tries to spread by using the same vulnerability (MS04-011) used by the infamous Sasser worm.

Emails generated by Bobax-H come with a variety of message texts including: "Saddam Hussein - Attempted Escape, Shot dead. Attached some pics that i found". Other variations in subject lines used by the worm claim to have pictures of a captured Osama Bin Laden.

Windows users induced into running infected attachments will load a backdoor email relay module onto their PCs which can be used by ne'er-do-wells to distribute spam. The virus is in the wild but it isn't spreading rapidly. Anti-virus vendors rate Bobax-H as a low risk. ®

Related stories

Email worm poses as Osama videogram
Sasser worm creates havoc
German customs grab Saddam's left leg