
Osama bin Laden death leads to hoard of digital storage being discovered, as warnings made of online scams


The assassination of Osama bin Laden yesterday led to a digital 'mother lode of intelligence' being discovered.

According to Politico, the assault force of US Navy SEALs discovered and seized a trove of computer drives and disks, including PCs, USB drives and electronic equipment, during the raid that killed the Al-Qaeda leader.

The material is reportedly being examined at a secret location in Afghanistan and an official told Politico that hundreds of people were going through it and intelligence operatives back in Washington were very excited to find out what they have. “It's going to be great even if only ten per cent of it is actionable,” they said.

Bin Laden's death has also led to warnings about malicious search results and files. F-Secure chief research officer Mikko Hypponen said that the first sample of malware exploiting the death of Osama bin Laden was a file called Fotos_Osama_Bin_Laden.zip, spread via email, which contains an executable file carrying a banking Trojan belonging to the Banload family.

Hypponen said: “It will install itself on the system (as msapps\msinfo\42636.exe) and starts to monitor your online banking sessions (via a browser helper object), trying to redirect your payments to wrong accounts. We detect this one as Trojan-Downloader:W32/Banload.BKHJ.

“As a general advice: it's unlikely you'll find pictures or videos of bin Laden's death online, but searching for one will certainly take you to sites with malware.”
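A mail gateway can catch this kind of zipped lure by looking inside the archive rather than trusting file names. The Python sketch below is an added example, not code from F-Secure or any vendor quoted here; the extension list, the member limit and the sample archive are constructed for illustration.

```python
import io
import os
import zipfile

# Extensions Windows will run directly when double-clicked (illustrative list).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".cpl", ".bat", ".cmd", ".js", ".vbs"}
MAX_MEMBERS = 1000  # assumed limit: refuse archives with an unreasonable member count


def risky_members(zip_bytes):
    """Return [(member_name, reason)] for archive members that look executable."""
    try:
        archive = zipfile.ZipFile(io.BytesIO(zip_bytes))
    except zipfile.BadZipFile:
        return [("<archive>", "not a valid zip")]
    findings = []
    with archive:
        infos = archive.infolist()
        if len(infos) > MAX_MEMBERS:
            return [("<archive>", "too many members")]
        for info in infos:
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # bit 0 set means the member is encrypted
                findings.append((info.filename, "encrypted member, cannot inspect"))
                continue
            ext = os.path.splitext(info.filename.lower())[1]
            # Read only the first two bytes: a Windows PE file starts with "MZ".
            with archive.open(info) as fh:
                magic = fh.read(2)
            if magic == b"MZ":
                findings.append((info.filename, "PE header (MZ)"))
            elif ext in EXECUTABLE_EXTS:
                findings.append((info.filename, "executable extension"))
    return findings


def build_sample():
    """Constructed, harmless archive that imitates the layout of a zipped lure."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("readme.txt", "constructed sample text")
        z.writestr("photo.jpg", b"MZ" + b"\x00" * 62)  # PE magic behind an image name
        z.writestr("viewer.scr", b"not a real program")
    return buf.getvalue()


if __name__ == "__main__":
    for member, reason in risky_members(build_sample()):
        print(member, "->", reason)
```

Checking the header bytes as well as the extension means a program renamed to look like a picture is still flagged.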

Websense Security Labs noted that the news on bin Laden superseded malicious searches for Prince William and Kate Middleton's wedding. In an interesting tactic, the blog of Pakistan-based Twitter user Sohaib Athar (@reallyvirtual) was compromised as he 'live tweeted' during the attack.

Patrik Runald, senior manager of security research at Websense Security Labs, said: “Make no mistake, hackers are going to go after websites such as Athar's along with search engine results to prey on visitors looking for more information.

“Athar links to his blog and I'm sure a lot of users who saw his tweets went there. Unfortunately for them, the site was compromised and was serving a poorly detected malware through the Blackhole Exploit Kit.

“The malware that the drive-by download attempts to install is a fake system tool named 'WindowsRecovery' that claims to have found problems on the victim's computer. To convince the user that something really is wrong with the system, the malware hides all files and folders in the hard drives and on the desktop, but of course the scammers offer the user a quick solution to this problem with a purchase of the premium version of 'WindowsRecovery',” said Websense.

Finally, many Facebook 'likejacking' campaigns have also been detected, targeting users seeking photos and videos of the attack and of bin Laden's dead body. As usual, a campaign is created with a link to a video or picture. When the user clicks on the link, they are taken to a page on Facebook asking them to copy and paste the code into the browser's address bar so that they can watch the video. As previously demonstrated, this allows personal information to be captured by the creator of the scam.

The 'likejacking' campaigns were also detected by Sophos, which found messages claiming to point to banned video footage of Osama bin Laden's death.

Senior technology consultant Graham Cluley said: “The scammers earn money every time a survey is completed, and that's why they want you to share the link with others. Sophos is advising computer users to watch out for scams related to Osama bin Laden's death, not just on Facebook but on other parts of the internet too. Such a big news story always seems to attract the interest of fraudsters and malware authors.”
