A seemingly innocuous Facebook message which contains the attention-grabbing headline – “Osama dead – censored video leaked” – has wreaked havoc in Dubai and across cyberspace.
“The virus multiplies exponentially – primarily because of Facebook being so popular,” said Kazi Mohammad Akram, General Manager, Ras Infotech, a Dubai-based representative of F-Secure and M86 web content security firm. “It’s early to tell the extent of the damage in the UAE as it assumes many forms,” he added.
Finnish security company F-Secure first threw out an advisory about the virus on Monday, The FBI issued a similar warning on Wednesday.
“It’s a comment-jacking scam in which every click or comment on this [Censored Osama video] Facebook post is hijacked and sent to everyone on your friends list. We’re expecting various flavours of this scam to continue spreading in the next few days – including search engine poisoning and malicious spam e-mails,” said Akram, advising people not to open unsolicited emails. “Go to safe websites only for news or information,” he cautioned.
Bin Laden’s death on May 1 meant millions of hits on the internet – giving virus makers the perfect opportunity to infect computer users.
Hackers poison search engines by creating websites using â€˜hot topic’ search words – such as “Osama” or “Bin Laden” – that then download malicious code when clicked.
Ryan S., a Dubai-based logistics executive said: “I’ve seen many online friends auto-posting the link on their profile. In one day alone I must have deleted over 150 such posts.”
But apparently, the virus with a password-nicking payload mutates by the day and clicking on the image continues to unleash untold misery. Yesterday, a virus variation – “Laden is holding a newspaper with today’s date” – made the rounds on social networks.
Hackers have used Bin Laden’s name before. In 2004, spammers that gave links to photographs of Bin Laden’s “suicide” conned users into opening a file that installed a Trojan which gave the attacker control over a compromised computer. In 2005, a message that purportedly offered TV grabs of Bin Laden’s “capture” contained in a ZIP file actually contained a version of “Psyme”, which steals user names and passwords.
- Don’t open a URL address posted by a friend on Facebook that claims to contain a video of Osama Bin Laden being killed
- Don’t open emails or download software to view such videos even if it’s sent by someone you know
- Adjust the privacy settings on social networking sites you frequent to make it more difficult for people you know and do not know to post content to your page
- Keep your anti-virus programme up to date