WITHIN TWO HOURS of the announcement that Osama Bin Laden was dead, internet criminals were in action and so was the security industry.
Johannes Ullrich, chief technical officer of the SANS Internet Storm Center posted a warning about the event shortly after the news was announced. So far everything looked quiet he said, although a couple of image servers were active.
"There are some image searches that return an image claiming to be an image of dead Bin Laden, but right now, none of the servers hosting it respond. Some of the sites return SQL errors indicating that the sites are receiving too much traffic," he wrote.
However, in less than two hours after the official announcement, sites started to appear claiming to have pictures of the corpse. One Spanish language site had a badly photoshopped picture of a dead Bin Laden, with what purported to be a video of the body.
Michael Sutton, vice president of cloud security firm Zscaler, told The Inq that when viewers clicked on the link they were asked to download a VLC codec, which was in fact an adware tool called hotbar, a piece of malware that 19 out of 41 current antivirus engines can detect.
"With an attack this new then antivirus engines can't keep up with the pace, because attackers recode files," he said.
"Actually, 19 antivirus engines is pretty good. Usually, with this kind of new attack, only a quarter of them can handle it."
According to a posting on a black hat search engine optimisation site found by Imperva's security researchers, spammers are gearing up to harvest a lot of American victims.
The poster recommends setting up fan pages around Osama's death, and then asking other Facebook users to like the page. Such tactics got 600 ‘Like' clicks in two minutes the poster claims.
"Watch it go viral. You'll probably get 90 per cent USA FB users," he says.
However, by clicking the button they also end up liking "Get LAID with girls from FBook. Transform your PC into a seduction machine."
Readers are advised that no pictures of Bin Laden's body have been released and, since he's reportedly been buried at sea, the chances of more are vanishingly small. µ
Plus the cost of ambition as moonshots eat into the coffers
Spoiler alert: it's probably VeriSign
Did we say cuts off? We meant traps them inside their own home