Bin Laden Liveblog Hacked Before Sting Operation

Dennis Faas's picture

With a range between 3,000 to 5,000 tweets per second, it is no wonder that so many people found out about the capture (and subsequent demise) of Osama Bin Laden via Twitter earlier in the week.

While the majority of people world-wide learned about the covert operation only after it was complete, a few thousand people were in fact following the sting in real time via a live Twitter feed hosted in Abbottabad.

Man Blogs About Raid Without Knowing About It

Sohaib Athar, the man behind the blog, now believes that one of his Twitter followers might have actually been a hacker looking to prey on others who were following Sohaib's minute-by-minute reports.

Mr. Athar has been dubbed "the guy who liveblogged the Osama raid without knowing about it." His first tweet read as follows: "Helicopter hovering over Abbottabad at 1AM (local time) is a rare event. Go away helicopter -- before I take out my giant swatter."

Athar continued to update his Twitter feed sporadically through the night, adding details from local friends and commenting on the international news story as it began to unfold. By Monday afternoon, he had in excess of 76,000 Twitter followers. (Source:

Blog Hacked Before Bin Laden Tweets

Security firm Websense is now reporting that some curious individuals who visited the blog may have had scareware software silently installed onto their computer.

In a recent email interview, Athar confirmed that his site had indeed been compromised, but said that the original infection had occurred prior to his Bin Laden tweets.

While it is hard to say for certain how the site was hacked in the first place, Websense believes that running an older version of WordPress blogging software might have played a hand in allowing cybercriminals to access the site.

The attack code is designed to install a fake system scanner (called Windows Recovery) on computers running unpatched versions of popular programs including the Windows operating system, Java and Adobe Reader. Windows Recovery then hides system folders on the PC and attempts to "scare" victims into paying for bogus software in an effort to repair the issue. (Source:

Athar Admits Lack of Foresight

Athar acknowledged that the software he used was outdated and accepted blame for his lack of foresight in updating the server before garnering worldwide attention: "Upgrading the server has been on my list of things to do for the last few weeks, [but I] ... never got around to doing it."

Websense confirmed that the scareware hack on Athar's blog was resolved by 9:25 a.m. on Monday. It still remains unknown as to how many individuals were affected by the attack while the site was infected.

Rate this article: 
No votes yet