"Osama bin Laden”, “Osama bin Laden dead body”, “Osama bin Laden killed” are words that might bring a lot of headache to all of those who are not cautious enough in their search for news or shocking images of this man’s end. All web searching engines are returning millions of hits from all regions with pictures or articles of bin Laden’s death.
Fig.1 Google Trends saw yesterday a considerable spike with words like Osama, Osama’s death, bin Laden’s dead body
AS shown in the above info graphic, the search engine queries saw a tremendous spike only a few hours after the news of Osama bin Laden’s death was firstly announced. And this means that, in the feature, a lot of fake search results related to this event will start bombarding the readers, exposing them to bogus content, PDF exploits, fake AVs, drive-by malware attacks translated in keyloggers, backdoors, worms and Trojans of all kind.
Breaking news has always been inspirational to cyber crooks and this event will be no different. The Storm Worm is one such example that would piggyback any good news to spread in as many computers as possible.
· BitDefender specialists suggest you avoid falling for the oldest trick in the book: do not open any PDF file that comes your way with breaking, shocking and never-heard-of news. Moreover, stay informed reading your favorite online news outlet.
· Remember that newsletters don’t come with attachments; if you happen to receive such messages from unknown senders; it’s recommendable that you delete them at once.
Fake AVs and rogue links are lurking in every corner of the Internet. Cyber-crooks behind rogue AV business are all on the search for new “victims”. That is precisely why you may stumble upon a series of malicious websites hosted with free domain provider co.cc that are heavily optimized for keywords such as “bin Laden death” that promise you a good AV solution that is in fact a fake scanner page. And you will end up paying good money for a software that does nothing at all to safeguard your PC or online activities.
· In order to stay safe, you are advised to install a security solution with antispam, antiphishing, anti-fraud (against fake web shops) and antivirus (against card fraud) of your choice and not click any link that you come across on the Internet.
· We recommend you try BitDefender TrafficLight, a completely free browser security application that shields you against web-based e-threats such as phishing and fraud websites, malicious scripts and poisoned search results.
Social networks are expected to become a target for cyber crooks as well. Fake movies containing malware can spread virally and links posted by your friends on your or their personal wall can make you land on various malicious domains where you can get exposed to rogue AVs, keyloggers or many others of the sort.
· In order to protect the integrity of your computer and data, make sure you do not open attachments that come from unknown senders; if you really need to do so, make sure that you download the attachment and scan it with your locally installed antivirus solution.
· Avoid clicking on links that come from sources you do not know and trust
It appears that the first pieces of malware exploiting Osama bin Laden’s death are in the wild. We have received a couple of samples named “Fotos_Osama_Bin_Laden.zip” via the automatic submission system. Preliminary analysis reveals that samples are variants of the Banload banker family, identified by BitDefender as Trojan.Generic.5849157. Just like any Brazilian Banker, the attack vector appears to be a spam message purporting to bring extra visual cues about Osama bin Laden’s death.