Osama Bin Laden Scams and Viruses Spread Across the Web

Only hours after his death was confirmed, third-tier Internet criminals were using Bin Laden's face to infect computers worldwide


After being persuaded by Secretary of State Hillary Clinton and Defense Secretary Robert Gates, President Obama will not be releasing the graphic photographs of Osama Bin Laden's corpse, according to the New York Times. "There is no doubt that we killed Osama Bin Laden," Obama reportedly told a representative from 60 Minutes. "We don't need to spike the football." But that hasn't stopped many people -- including Scott Brown, the junior senator from Massachusetts -- from talking about the photos as if they've already seen them. And that's because they think they have.

Only hours after the death of the mastermind behind September 11 was announced on Sunday evening, Photoshopped images of his head, complete with two gunshot entry wounds above the left eye as detailed in reports, were circulating the Internet.

"Osama Dead - Censored Video Leaked!" screamed a link that was shared on my personal Facebook wall earlier this afternoon. (See the photo at the top of this page.) One of my friends, apparently, had fallen for a clickjacking scam, a type of third-tier Internet crime we've detailed in this space before whereby users are tempted into clicking on a link that allows a third party to hijack their account information and continue the scam's march across the Internet. "Osama is dead, watch this exclusive CNN video which was censored by Obama Administration due to level of violence, a must watch. Leaked by Wikileaks.!" read the link's description, in full. The giveaway, in addition to the poor grammar? The link leads to x.co. Doesn't look like a reliable source to me.

"I suppose this was inevitable," McAfee Lab's David Marcus wrote in a blog post. "The reported death of Osama Bin Laden is just too good a lure for cybercriminals and scammers to pass up." And they're definitely capitalizing it, pulling all the stops.

In addition to the Facebook clickjacking scam, the promise of Bin Laden photos and videos are also fueling more malicious attacks. Several emails circulating include images of Bin Laden as he appeared before the Navy SEAL operation was carried out and links promising that the corpse photos are just a click away. Clicking on the links downloads a small file that installs itself and then steals data using a standard Trojan construction.

Even traditional websites are falling victim to malware. "A Spanish language site was found to be displaying a photo that is supposed to be a shot of bin Laden after he was killed, accompanied by a news story about his death and what looks like a video," CNET explained. "When the purported Flash Player window is click on, a message is shown prompting the visitor to update a VLC media player plug-in to view video. ... Instead, an adware tool known as 'hotbar' but labeled 'XvidSetup.exe' is downloaded...."

With related scams and viruses already infecting thousands of computers -- and spreading -- Internet surfers should be cautious when searching for any new information about Bin Laden's death. Go directly to reputable sources and avoid anything that seems too good to be true -- it probably is.