Malware Creators Capitalizing On Osama Bin Laden News

Cyber criminals have quickly exploited the death of the most hunted man in the world, Osama bin Laden. “Within 24 hours we can expect in excess of 100 million spam emails” related to bin Laden’s death, said Symantec SMB director Steve Martin. New popular search terms like “Osama bin Laden death” are a vulnerable target in search engine rankings. Cybercriminals stepped up their use of Osama Bin Laden’s death by inserting malware into PCs when users fall for phony claims of photographs and videos, security researchers said today.”It’s not really surprising,” said Mikko Hypponen, the chief research officer of Helsinki-based F-Secure. “We were expecting to see related malware.” Malware creators wasted no time in creating fake images of bin Laden in death to attract users to click on malware, according to Zscaler. Farther down the page, a message on a flash video player asks users to update a VLC plugin in order to view the footage. Those who click on the link, however, will download not a media player, but an adware tool known as ‘hotbar’. Zscaler warns users to use precauting before visiting unknown sites that purport to have bin Laden photos or videos. Meanwhile, at least two malicious domains, ***-antivirus.cz.cc/fast-scan/ and ***pe-antivirus.cz.cc/fast-scan/, have taken advantage of this loophole to rank high in Google Image search results with alleged photos of Osama bin Laden, according to a blog post by antivirus software company Kaspersky Lab. Both domains, according to the company, offer a copy of the rogueware “Best Antivirus 2011.” Chief security officer at Return Path, Sam Masiello, says it’s only a matter of time before malware-infected spam starts to appear. Masiello advises users to be diligent and not click on links to Bin Laden-related news. Instead, he tells users to type in URLs manually for trusted news sites. Other enterprising Internet villains have posted links on social media sites that appear to offer news about Osama bin Laden’s death, but redirect to spam or malware. Researchers at Kaspersky Labs said they noticed scam ads on Facebook promising free merchandise in celebration of bin Laden’s death. Users who click on the ads will be redirected multiple times, with each layer asking for more detailed personal information. Users of the social networking site Facebook are being warned to ignore a link on Facebook that claims to reveal a video of the death of Osama bin Laden. The messages, posed as updates on Facebook users’ walls, claim to offer banned video footage of bin Laden’s death by gunfire from US forces in Abbottabad, Pakistan. Online users should stay clear from opening the “Fotos_Osama_Bin_Laden.zip” archive attachment. The Windows executable file doesn’t display photographs or videos , but instead launches a new banking Trojan horse belonging to the three-year-old “Banload” line, said Hypponen, the Chief Research Officer of Helsinki-based F-Secure . The malware sniffs out online banking sessions and then tries to redirect payments to other accounts. Another malware infection attempt that uses the Bin Laden death was a click-fraud campaign on Twitter that intended to redirect traffic to a site with publicity on it. The trend topic changes to keep the campaign under the radar while being propagated. The same links to the click-fraud campaigns are sent out as either Bin Laden death videos or as alleged banned videos of recording artists Justin Bieber and Bruno Mars. When a user clicks on the links, the destination page poses as a YouTube video. Instead of asking the victim to download a code, upon clicking a button in the video a new malicious tweet will be created in the victim´s own Twitter account, thus “replicating” itself. “The goal of the fraud is to redirect traffic to a page with publicity, earning the malware propagators some revenues by exploiting a trending topic,” according to Vicente Diaz, a Kaspersky Lab malware researcher. Diaz advised the public to be very careful of links about topics that seem suspicious and too obvious to be legitimate to avoid being scam victims. The frequency of cyber crime is only going to increase if websites’ owners fail to pay attention on the vulnerabilities of their network security. They need to implement robust information security initiatives, including having a proficiently skilled IT security workforce, in order to avoid cyber crimes. IT security professionals can increase their information security knowledge and skills by embarking on advanced and highly technical training programs. EC-Council has launched the Center of Advanced Security Training (CAST), to address the deficiency of technically proficient information security professionals. Additionally, the all-new EC-Council CAST Summit series is also created to make advanced information security training opportunities available for information security professionals across the globe. It will be the excellent platform for any IT security professionals to acquire cutting edge skills by embarking on the CAST workshops, or further enhance their IT security knowledge by attending the one-day seminar. The 3 days CAST Summit workshop covering current and important security topics such as penetration testing, application security, cryptography, network defense and mobile forensics training, and allows for participants to actually learn, and not just listen or be rushed through a short presentation like how it’s like in many other events or conference. All of these IT security trainings will only conducted by appointed EC-Council Master Trainers, some of whom are authors of the respective trainings.