Miscreants are always geared up to start a new wave of spam and malware campaign. When a sensational event occurs, users tend to go searching for news on the event, making it easy for the criminals to do what they do best.
Case in point, last week saw the Internet abuzz with news regarding Osama Bin Laden’s death. Some research into the user’s search behavior from Google trends revealed that the maximum number of searches were for the keyword “Osama” and the maximum number of searches arrived from the United States.
The second to top the list was India, with Tamil Nadu leading the way, closely followed by Karnataka.
The bad guys tried to capitalize on this news by poisoning search results, spreading malware & spam. They setup fake videos, facebook wall posts, websites, all claiming to reveal “exclusive” information on the death of Al-Qaeda’s top man, thus enabling them to invite potential victims to their trap.
Out of approximately 1,00,000 videos uploaded to date on You-tube with the keyword “Osama”, around 23,000 were uploaded just in the past week.
Also, there were around 1,300 websites registered, in the first 3 days since the news emerged, relating to Osama’s death.
Out of these newly registered websites, the maximum number of registrations was made with the registrar “1 & 1 Internet AG”, followed by namecheap.com.
Queries in domain reputations sites like www.malwareurl.com indicate that both registrars had hosted sites that have spread exploits & spam before.
Lokesh Kumar
K7 TCL