Kaspersky Lab has alerted Facebook and Google search engine users of Bin Laden’s death video and news spam they may be infected with.
In light of the news around Bin Laden’s death, spammers were quite fast to reach both Windows and Mac users, and started to poison search results in Google images. Some of the search results are now leading users to malicious pages, so when clicking an image in the results page, the user will be redirected to one of the malicious domains such as -***-antivirus.cz.cc/fast-scan/ or ***pe-antivirus.cz.cc/fast-scan/. Both domains are offering a copy of the rogueware known as “Best Antivirus 2011″”. This rogueware is already detected by Kaspersky as Trojan.Win32.FakeAV.cvoo.
Facebook is often used by spammers and malware writers as a platform for distributing malware and spam. Since Bin Laden’s death Kaspersky Lab have seen a flood of both spam and malware spreading as very attractive videos of the death of Osama Bin Laden. Spammers are using multiple techniques to get the users on Facebook to visit the malicious pages. When the users are interacting with the malicious page, cybercriminals use techniques such as Clickjacking, Commentjacking and Likejacking to boost and distribute the malicious link (via video or spam) to the victims’ friends. The moment the user clicks on the link, it is automatically posted on different profiles with the following message:””Sweet! FREE Subway to Celebrate Osama’s Death – 56 Left HURRY!”” or “”2 Southwest Plane Tickets for Free – 56 Left Hurry”” and then a link to a short URL service (http://tiny.cc/). This kind of malware is not only spread on Facebook, but many other social mediums such as Twitter.
Kaspersky Lab advises all web surfers to keep their computers up to date with all the security patches, that their anti-virus is updated at all times and if clicking on links from Facebook and other social media pages, to make sure that no crucial information such as usernames and passwords are provided.