IDG News Service - The Pakistani programmer who dubbed himself "the guy who liveblogged the Osama raid without knowing about it" is also the guy who got his website hacked without knowing about it.
Sohaib Athar was in the international spotlight Monday morning after he inadvertently tweeted about the early morning raid that killed Osama bin Laden and several of his associates. His on-the-ground tweets provided early details on what could turn out to be the biggest news story of the year -- even though he didn't know what was happening at the time -- and by Monday afternoon he had more than 76,000 Twitter followers.
But according to security firm Websense, curious Web surfers who visited Athar's blog, Reallyvirtual.com, early on Monday may have had scareware software silently installed on their computers. Websense Security Research Manager Patrik Runald said Athar's blog had been hacked, and that the site was attempting to install the malicious program until about 9 a.m. Pacific Time Monday.
In an e-mail interview, Athar confirmed his site had been compromised but said it happened before he sent his tweets about bin Laden. "The site was hit with malware a few days ago," he said. "Upgrading the server ... has been on my list of things to do for the last few weeks, just never got around to doing it."
"The bad guys just got lucky," Runald said. Criminals are constantly scouring the Web looking for websites running out-of-date software that can be hacked. And sites running the Word Press software, which Athar was using, are always popular targets.
Runald found the malware on the site at 8:10 a.m. Pacific Time on Monday. By 9:25 a.m. it had been cleaned up, he said.
Although it's hard to say for certain how the site was hacked, Runald said Athar was using an older version of the WordPress blogging software that may have allowed criminals to break into his site.
The attack code on Athar's blog targeted an array of known flaws affecting Windows software. It installed a fake system scanner, called Windows Recovery, on computers running unpatched versions of many programs including the Windows operating system, Java and Adobe Reader.
Windows Recovery hides system folders on the PC and then tries to scare the victim into paying for bogus software that it claims will fix the issue.
Athar started posting Twitter messages at about 1 a.m. local time about the raid on bin Laden's compound in Abbottabad. "Helicopter hovering above Abbottabad at 1AM (is a rare event)," he wrote. "Go away helicopter - before I take out my giant swatter."
He continued to update his Twitter feed, adding details from local friends, and then commenting on the breaking international news story. On his blog, he called himself, "the guy who liveblogged the Osama raid without knowing about it."
It's not clear how many people visited Athar's blog while it was infected.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Alert Logic for PCI DSS Compliance To achieve PCI DSS compliance, you must identify and remediate all critical vulnerabilities detected during PCI scans. Threat Manager streamlines this process by...
- Cybersecurity Imperatives Reinvent Your Network Security With Palo Alto Networks The Rise of CyberSecurity
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts