Computer experts warn users of malware scams in the name of bin Laden. The Federal Bureau of investigation (FBI) has issued a warning to computer users across the world to exercise caution while opening emails claiming to carry bin Laden content in them. Malware has been found in on several websites sowing the news of the death of the al-Qaeda leader. Computer security experts have also said that online scammers were quick to exploit the death of bin Laden to spread malware.
Bin Laden scams are also spreading quickly on Facebook, Hypponen and others said. The latest scam plays on the reputation of Wikileaks, the organization that has leaked thousands of U.S. military and diplomatic messages during the last year. "Osama is dead, watch this exclusive CNN video which was censored by Obama Administration due to level of violence, a must watch," claims the Facebook spam. "Leaked by Wikileaks."
Security company Kaspersky Lab has said that at least two domains have been found to be serving up fake antivirus software called "Best Antivirus 2011" when one searched for "Osama bin Laden body" on a Google image search in Spanish. Sophos employee Paul Ducklin said, "Watch out for the links you're likely to come across in email or on social networking sites offering you additional coverage of this newsworthy event."
"It's not really surprising," said Mikko Hypponen, the chief research officer of Helsinki-based F-Secure. "We were expecting to see related malware." The shift to direct attacks follows Monday's campaigns to push fake security software, dubbed "rogueware," to both Windows and Mac users. Earlier today, F-Secure warned users to steer clear of spam that included the "Fotos_Osama_Bin_Laden.zip" archive attachment. Running the resulting Windows executable file doesn't display photographs, but instead launches a new banking Trojan horse belonging to the three-year-old "Banload" line, said Hypponen. The malware sniffs out online banking sessions and then tries to redirect payments to other accounts.
Symantec said it had found email messages touting photos and videos which so far have been written in French, Portuguese and Spanish, lead users to a fake CNN Web site where they're told to download video. As in the F-Secure instance, the download is, in fact, a "dropper" that in turn downloads malicious code to the Windows PC.
According to U.K.-based Sophos, the Facebook messages don't play video of the al-Qaeda leader's death, but actually dupe users into copying and pasting a line of JavaScript into their browser's address bar.
0 comments:
Post a Comment