Computer hackers are exploiting the fascination with the death of Osama bin Laden to spread malicious software through scams that promise access to videos of the historic killing.
One of the campaigns targets Facebook users, who receive e-mails purportedly from friends who urge them to cut and paste a string of malicious text they are told will give them access to a video of bin Laden’s killing.
When users follow the directions in the e-mail, they end up granting full access to their account to hackers, said Mikko Hypponen, chief research officer for anti-virus software maker F-Secure.
The hackers then use that access to propagate the virus and send spam to the users’ friends, he said.
Another campaign exploiting the al Qaeda leader’s death uses regular e-mails laden with tainted links that cause malicious software to be downloaded on a PC, he said.
Hackers plan such attacks — known as phishing schemes — to piggyback on a wide range of news events. Similar campaigns were launched with tie-ins to the British royal wedding, Japanese tsunami and the World Cup soccer competition.
“They always have something ready to go just in case,” said Jeff Moss, chief security officer for the Internet Corporation for Assigned Names and Numbers, or ICANN. “There is always an earthquake or tsunami or hunger or something.”
Within a few hours of the Japan earthquake, hackers had begun spamming the Internet with phishing schemes exploiting the tsunami, Moss said.
The viruses that are downloaded are often programmed to steal a user’s personally identifiable information, the FBI warned consumers.
Hypponen said he expected the bin Laden scams to persist for months.
“We know there is a video,” he said. “We know it’s not going to be released, which means there will be curious people for a long time.”