Results in Google image search in Spanish related to the death of Osama bin Laden were hiding malware, Kaspersky Lab says.
(Credit: Kaspersky Lab)Within hours of the news that the al-Qaeda leader had been killed by U.S. forces on Sunday, malware was found on sites optimized to show up on Web searches related to the event and in scams on Facebook.
Also, the blog site of a Twitter user based in Pakistan who now has more than 66,000 followers and who was posting tweets as the attack on bin Laden was happening, apparently was popular enough that his blog site was compromised and malware was embedded on it, according to a blog post from security firm Websense.
Visitors to the blog would not immediately have noticed anything as the malware was installed as a drive-by-download without the visitor having to do anything, said Patrik Runald, senior manager of security research at Websense Security Labs. The malware searched for vulnerabilities in Internet Explorer, Java, and Adobe Reader that have been patched by the vendors, he said. If a hole was found, a display would pop up advertising "Windows Recover" a fake system scanner for Windows that tries to trick people into paying for software they don't need, according to Runald, who said it is unclear how long the blog was compromised before it was cleaned up around 8 a.m. PT today.
Image searches and items labeled as video are proving particularly problematic as people are drawn to visual images of the terrorist leader. At least two domains were found to be serving up fake antivirus rogueware called "Best Antivirus 2011" on searches for "Osama bin Laden body" on a Google image search in Spanish, according to a blog post by Kaspersky Lab. Read More
