Identity thieves have shown a new level of technical expertise, spreading malicious code through spam email, then using Google maps to identify the physical location of the hijacked computers.
The attack has been launched against computer users in Australia, Germany, and the U.S., according to a report in PC World.
In Australia, victims have been enticed to download a Trojan and backdoor code by clicking a link to read a false news story claiming Australian Prime Minister John Howard had suffered a heart attack. Once installed, the code allows the hacker to log the users' key strokes.
The code gives the hacker the precise number of infected machines around the world, and links to a corresponding Google map to reveal the physical location. The report said the maps server is used to translate each IP address into an actual physical address.
Some security experts believe the physical address could be a key piece of information for the hacker, helping him steal the infected computer user's identity. They say knowing the physical address may make it easier to access bank accounts and other sensitive information.
It's possible that the hackers will change the subject matter of the email to information more relevant for U.S. computer users as the scam gains ground. Currently, users who click on the link will see a "404 Error" page but that may also change as the scam develops.
John Howard is the latest in a long line of public figures to be used as bait by malware authors and hackers. Politicians such as Margaret Thatcher, Ronald Reagan, Bill Clinton, George W Bush and P.W. Botha have been have been used in the past.
Also, the promise of glimpses of glamorous celebrities like Halle Berry, Anna Kournikova, Julia Robers and Britney Spears have previously been used to help viruses spread.
"It seems the hackers are back to their old tricks of spamming out sensational headlines in the hope that computer users will forget to think before they click, and visit the website hosting the malignant code," said Graham Cluley, senior technology consultant for Sophos.
"The scammers have registered several domain names that appear to be associated with 'The Australian' newspaper, and have gone to effort to make people think that they really are visiting the genuine site by pointing to the real error page. Everyone should be on their guard against this kind of email con-trick, or risk having their PC infected."