Hackers step up game, spread malware using Bin Laden bait
Facebook scams also ramp up as criminals exploit major news event
Computerworld - Hackers today stepped up their use of Osama Bin Laden's death by shoving malware into PCs when users fall for phony claims of photographs and video, security researchers said today.
"It's not really surprising," said Mikko Hypponen, the chief research officer of Helsinki-based F-Secure. "We were expecting to see related malware."
The shift to direct attacks follows Monday's campaigns to push fake security software, dubbed "rogueware," to both Windows and Mac users.
Earlier today, F-Secure warned users to steer clear of spam that included the "Fotos_Osama_Bin_Laden.zip" archive attachment. The messages claim the file contains photos of Bin Laden after he was shot and killed by U.S. special forces during a 40-minute firefight in his compound in the northern Pakistani city of Abbottabad.
Running the resulting Windows executable file doesn't display photographs, but instead launches a new banking Trojan horse belonging to the three-year-old "Banload" line, said Hypponen. The malware sniffs out online banking sessions and then tries to redirect payments to other accounts.
Other security companies have also snared malware packaged with Bin Laden spam.
Today, Symantec said it had found email messages touting photos and video of the U.S. attack's aftermath. The messages, which so far have been written in French, Portuguese and Spanish, lead users to a fake CNN Web site where they're told to download video.
As in the F-Secure instance, the download is, in fact, a "dropper" that in turn downloads malicious code to the Windows PC.
Bin Laden scams are also spreading quickly on Facebook, Hypponen and others said.
The latest scam plays on the reputation of Wikileaks, the organization that has leaked thousands of U.S. military and diplomatic messages during the last year.
"Osama is dead, watch this exclusive CNN video which was censored by Obama Administration due to level of violence, a must watch," claims the Facebook spam. "Leaked by Wikileaks."
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts