Malware and Spam Campaigns Related to Bin Laden Not Finding Many Takers

As has become their custom, attackers and malware authors jumped on the death of Osama Bin Laden Monday, using black hat SEO, Facebook scams and Twitter spam. However, unlike other recent major news events, the attempts to lure people into clicking on malicious links or downloading Trojaned files were not very successful.

As has become their custom, attackers and malware authors jumped on the death of Osama Bin Laden Monday, using black hat SEO, Facebook scams and Twitter spam. However, unlike other recent major news events, the attempts to lure people into clicking on malicious links or downloading Trojaned files were not very successful.

Immediately following the revelation late Sunday night Eastern time that Bin Laden had been killed in Pakistan, attackers began using the news as fodder for SEO attacks, malware campaigns and spam runs. Fake links to files purporting to be video of the killing popped up on Facebook in a number of different languages, including English, Spanigh and Portuguese. The links took victims to a variety of different sites, none of which was a pleasant destination.

In the case of Twitter, the social networking site had the highest traffic rate in its history on Sunday night and much of that was down to the Bin Laden news and the reaction to it from Twitter users. The company said that it was seeing more than 3,400 tweets per second that night.

This would seem to have been a target-rich environment for phishers, spammers and other various species of online bottom feeders, but security researchers say that the volume of attack traffic and Bin Laden-related tweets wasn’t especially high.

An analysis of the Twitter malware and phishing attempts by Kaspersky Lab malware researcher Vicente Diaz shows that the distribution of malware on the network was surprisingly low. One possible explanation for this may be that the malware-laced tweets weren’t especially subtle or clever.

“We have found this link [to the fake death video] being distributed in several tweets, especially among Brazilian users. The second is malware being distributed, again as Osama´s death video.
In this case the link is not so subtle, including a .rar file in the
URL,” Diaz wrote. “It is interesting how the Twitter user distributing it also tried to do
that posing as Fast and the Furious movie. In this case the distribution
is very low.”

However, it is still relatively early in the story arc for Bin Laden’s death, and U.S. government officials have said that they are planning to release actual video and photos from the raid at some point, so those events could result in more malicious activity, as well.

Suggested articles

Discussion

  • juan on

    Did he died?

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.