The world was all ears when U.S. president Barack Obama announced that known terrorist Osama bin Laden was killed by the U.S. special forces in a gunfight that occurred in Abbottabad yesterday.
Twitter posted a graph of the number of Tweets per second from the night Osama bin Laden was reportedly killed, which shows a continuous increase in Tweeting activity, the most seen so far. Such attention from users is not surprising due to the emotional relevance of the event, not only to people from the United States, but also from other countries.
It is no longer surprising to see peaks in social media activity due to the occurrence of global events. Nor is it surprising to see how fast cybercriminals leverage newsworthy events as social engineering ploys. The same trend was seen with the recent Japan earthquake. We saw a series of attacks that all took advantage of the disastrous event.
An event as big as the death of a globally known terrorist will definitely not go unnoticed and will certainly be used in cybercriminal attacks. We can expect several attacks to leverage this emotionally charged development. In fact, within hours after the announcement, we already saw blackhat search engine optimization (SEO) attacks spread FAKEAV variants. We also saw attacks targeting social network users, particularly in Facebook, through pages that claim to contain videos showing footages of Osama bin Laden’s death.
The code that the users were asked to copy and paste into their Web browsers’ address bar in this attack led to a script detected as JS_OBFUS.AB, which posts links that lead to the Facebook page shown above.
Read the rest of this entry »