Spyware Goons Exploit Benazir Bhutto's Death

Dennis Faas's picture

Think CNN and the major network news agencies are the only ones quick to jump on breaking international events?

Think again.

Only hours after the tragic announcement of the assassination of former Pakistani Prime Minister Benazir Bhutto, malware creators had already crafted an exploit to take advantage of curious web users.

A number of security companies are reporting the widespread exploit, including McAfee, Symantec, and WebSense. According to this group, at least ten sites on Blogger.com (Google's primary blog service) were, as of the day of Bhutto's assassination, spreading a fake video codec that duped users into clicking. (Source: securitypronews.com)

Although the events are new, the tactic is not. It uses a time-honored malware goon tradition, whereby a promised video suddenly demands a forged 'update' in order to display. In this case, it was video covering Bhutto's untimely passing, with a "high-definition video codec" required for users hoping to view the illicit clip.

Of course, there's no HD bonus. Instead, users download a self-executing .EXE file ("video codec") that pumps their computer full of the Zlob Trojan horse: an exploit that helps hackers exploit a PC with any number of other malware programs.

Some Symantec researchers see this kind of activity as 'robbing the dead.' "Even death isn't sacred to some," said one Symantec researcher.

In some other cases, those interested in Bhutto's assassination are being made vulnerable to what are called 'drive-by attacks' by hackers. According to a McAfee security analyst, "There are a plethora of sites which attempt drive-by installations when unsuspecting users visit search-engine results for 'Benazir Bhutto.'" Many pages include malicious scripts that contain dangerous variants of the MS06-014 exploit, which McAfee say "is perhaps one of the most popular of all the exploits we see on a daily basis." (Source: computerworld.com)

These kinds of exploits aren't even limited to stunning world events, as in the case of Bhutto. Not long ago, fans of singer Alicia Keyes were hit by a fake codec when visiting her MySpace page.

Rate this article: 
No votes yet