Search Hits on Heath Ledger Brings up Malicious Sites
Online criminals are exploiting the shocking news of the demise of Heath Ledger, the Australian actor, on January 23, 2008, as bait to lead grieving fans towards malicious sites via results on search engines, according to a warning by Trend Micro.
The Security Company says that massive numbers of Australian and global readers are under threat as emerging reports indicate Ledger's name on top of several search engine hits including those of Google's '100 Hot Trends' that lists the latest top-100 search trends rising with the fastest pace.
According to a post on January 23, 2008 by Bernadette Irinco on the malware blog of TrendLabs, Research Project Manager Ivan Macalintal at Trend Micro discovered soon after the death of the actor that searches for words 'Ledger' or 'Heath' resulted in URLs containing malware, among the top search listings. SCMagazine published this on January 24, 2008.
Irinco writes that if and when surfers click on a certain link, they are led to a website that asks for downloading the latest version of ActiveX Object. As the download process begins, a number of redirections follow that download various malicious files.
Irinco further writes that after more analysis, researchers found that these malware-hosting URLs are some of those that came up from the possible hack of servers belonging to a service provider in Czechoslovakia. SmartHouse reported this on January 24, 2008
Premium Services Manager, Adam Biviano, at Trend Micro (Australia/New Zealand), said that it was almost easy to predict the threat just as any major news headline would come under some form of malicious attack, as reported by SCMagazine January 24, 2008.
Biviano added that it is interesting to observe how fast these malicious sites are appearing as search engine results.
Irinco also wrote that taking advantage of newsworthy events is not unknown. In December 2007, malware writers also pounded on the killing of Benazir Bhutto, former Prime Minister of Pakistan. In the new case, malware writers took advantage of Ledger's death to trigger numerous redirections, knowing that people would go for searches on a hot piece of news like this, Irinco put down. SmartHouse published this.
Related article: Surge in Spam attack
» SPAMfighter News - 05-02-2008