The computer security industry is warning businesses and consumers to brace themselves for a wave of online criminal attacks exploiting the death of Osama Bin Laden, flooding the Internet with malicious viruses and software which could spark mass ID thefts.
Within hours of the news becoming public, the first wave emerged on Twitter, according to cloud security firm Zscaler.
In a blog post, the company said: “Any time there’s breaking news we start monitoring, and Twitter is generally what we leverage since it’s so much more realtime than search engines.”
One of the first was a Spanish site carrying a digitally altered picture of Bin Laden with a Flash video player which requested a VLC codec named XvidSetup.exe. The software is in fact an adware tool called hotbar.
Scammers are also using the event to support Facebook scam sites. Security researchers at Imperva found a post on a search engine optimisation messageboard claiming to have had great success with a bogus Osama website.
The poster recommends setting up a fansite celebrating Osama’s death, which suggests viewers ‘Like’ the page. In fact, the action generates similar messages on other spam sites, which brings in advertising revenue.
“This is one of those rare opportunities that can build you a great list and add a couple of zeros in your profit,” the posting reads.”Use it while the news of Bin Laden killed by US forces is hot. I just started one and it had 600 likes in two minutes.”
IT managers are being urged to upgrade spam filters, and web users are warned to be on their guard against spam and software ‘updates’ associated with the news.
