Bin Laden Malware Spreading Like Wildfire

As predicted, cybercriminals have wasted no time in taking advantage of Osama Bin Laden’s death and the huge interest it has generated. Social media sites, inboxes and search engine results have all experienced an explosion in malicious spam and poisoned search results.

Spam messages containing links that claim to lead to videos or photos of the Al-Qaeda leader’s death have been detected, and the links lead to sites that deliver a fake anti-virus program or a Trojan that takes over the user’s email program and sends spam to everyone on their contact list. The spam has a link to a fake work at home site that pushes malware.

A similar attack is happening on YouTube where fake videos have been posted. The videos, which claim to be of Bin Laden’s death, prompt the user to install a codec before they can be viewed. The codec is actually a Trojan similar to the one showing up in spam emails.

Sites like Facebook are being hit especially hard. User’s walls are being flood with links that have sensationalistic titles like “OSAMA UNCENSORED DEATH VIDEO!” The links actually lead to a site that asks users to fill out survey after survey. Scammers do this to exploit affiliate programs that pay them for every survey that is taken. A related scam uses an iFrame attack to take the viewer to a fake Facebook page. Right now it only delivers spam but it’s not unreasonable to assume it could be used in a phishing attack or to push malware in the future.

For the record, the U.S. government has not released any photos or videos of Bin Laden’s death and has no plans to.