Share
The loss of the King of Pop has left fans stunned and heartbroken, and network administrators' mind blown. If that wasn’t enough, criminals have started to exploit the singer's death by launching several targeted campaigns to infect the masses.
Michael Jackson’s death affects fans and Internet populous (IMG: religiondance)
The Internet takes a hit after news of Michael Jackson’s death is confirmed
As reported earlier today by our own Stevie Smith, the Internet felt the loss of Michael Jackson almost as much as the fans did. Stevie wrote about a wire report from Keynote Systems, which said that monitoring in 10 U.S. cities “…showed that a sudden rush of online demand resulted in the likes of ABC, AOL and CBS suffering a significant shortfall in service efficiency amounting to almost 10 percent of normal availability.”
Keynote said that it monitored the effects on ABC, AOL, CBS, CNN Money, MSNBC, NBC, SF Chronicle, and Yahoo! News.
“Beginning at 5:30pm (EDT), the average speed for downloading news sites doubled from less than four seconds to almost nine seconds,” outlined Shawn White, director of external operations at Keynote Systems.
“During the same period, the average availability of sites on the index dropped from almost 100% to 86%,” he added. “The index returned to normal by 9:15pm (EDT).”
An AOL spokesperson said that: “searching, sharing, and reacting to the news [of Michael Jackson’s death] followed by online tributes has become the modern way to mourn,” but that they have, “never seen anything like it in terms of scope or depth.”
As AOL's users turned to their AIM contacts to share the news, the masses flooded the service and triggered a 40-minute outage, the provider confirmed.
Even Google reported a slower than normal response, saying that: “between approximately 2:40 p.m. PDT and 3:15 p.m. PDT today [6-25-09], some Google News users experienced difficulty accessing search results for queries related to Michael Jackson.”
Criminals waste no time kicking off Spam and Malware campaigns
It wasn’t even eight hours after the news of Michael Jackson’s demise was reported that Sophos started to see signs of a Spam run. The messages, according to Sophos, are the kind where “the spammer claims she/he has vital information about the death of Michael Jackson to share with somebody…”
Oddly, Sophos’ observations are harvesting campaigns. The goal is to get people to reply with legitimate e-mail accounts, proving they are valid. This is almost similar to the trap that is better known as the 'e-mail this address to unsubscribe from future mailings' ploy.
Websense discovered Spam e-mails related to Michael Jackson’s death spreading Malware. These e-mails, unlike those detected by Sophos, will lead people to a Web site offering a video of the body. The site linked in the e-mail is legitimate, belonging to a radio broadcasting station in Australia. While that site might dry up soon, others will take its place.
The legitimate site serves up a file that, once executed, “is opened by the default browser in order to distract the user by presenting a news article for them to read,” said Websense.
“In the background, three further information-stealing components are downloaded and installed by the malware. One of the downloaded files is called michael.gif, which has low AV detection rates…a malicious BHO…[and finally a]…component is bound to startup. Another malicious file installed by the malware is %windir%/system32/fotos.exe.”
[Backslashes replaced by forward slashes due to CMS configurations.]
McAfee's Guilherme Venere also issued a warning about both Spam and SEO traps, saying: “Every time a disaster happens or news about some celebrity reaches the media, malware writers try to take advantage of it. The most common attack vector is email. Watch out for spam offering links to “news” or “pictures” of deceased celebrities.”
“Blackhats use SEO to inflate search engine results in an attempt to put their results on top of the list and drive more users to fake websites offering “more information” about the current trendy news. When the users click on the fake links, they are susceptible to any kind of attack, spyware or malware installation, or information theft,” he added.
Trend Micro, confirming the warning from McAfee, quickly discovered SEO results from sites linked to information on another death yesterday, that of actress Farrah Fawcett. Links to Michael Jackson are sure to follow.
“Hosted on is-the-boss domains (last seen in the H1N1 blackhat SEO attack), the links that come up in search results redirect to other URLs that eventually land on all-too-familiar territory: a rogue antivirus download,” said Trend.
Interestingly enough, the rogue anti-Virus is the same one discovered during The Tech Herald's review of Panda Internet Security 2010, System Security 2009.
For those not in the know, System Security 2009 is the dumbest looking fake AV to date -- but sadly it works -- and so far has a good chance of avoiding detection from many AV vendors (we needed Malwarebytes Anti-Malware to clean it from out lab system).
Criminals will do what they can to spread Spam and Malware, this is why it’s always a good idea to only get news from sources you know and see on Google News. You should never get your news through random e-mails. Layered system protection is another must-have. No one security product will do it all, the more layers to your protection, the better off you will be.
Want regular updates from The Tech Herald? Follow us on Twitter.
Interested in a more interactive TTH? Join our Facebook Group.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Advertising
Comment on this Story