Security researchers advise increased caution when searching the Internet for information about this morning's bomb attacks in the Moscow subway system. Future black hat search engine optimization (BHSEO) campaigns and other malware distribution efforts will most likely leverage the two unfortunate incidents.
On the morning of March 29, 2010, minutes before 8:00 a.m. local time, an explosion occurred at the Lubyanka station of the Moscow Metro. Around forty minutes later, a second blast occurred at the Park Kultury station. So far, there have been 37 confirmed deaths, while over 102 subway passengers suffered different degrees of injuries.
The Russian authorities are investigating the explosions as terrorist attacks and have concluded that they were caused by two female suicide bombers. The investigators suspect that the women might have had ties to North Caucasian Muslim extremists.
This tragedy has so far seen global coverage from the world's most renowned news agencies and gathered a lot of interest from the general public. As always, people rushed onto the Internet to keep informed about the latest developments in this case, making the attacks a hot search topic on Google and other Internet search engines.
"Since we already know that the gangs have no hesitation in exploiting human tragedies in order to turn a profit, […] it makes sense to be cautious about following links on the topic, especially the ones that appear around the top. The gangs have become expert at manipulating search engine ranking so that malicious URLs are among the first links you see in a search," David Harley, Director of Malware Research at ESET,
warns.
But BHSEO campaigns might not be the only threat related to the Moscow Metro bombings, the security researcher noting that other malware distribution techniques such as the "fake video codec" trick, might exploit the sad news. Such attacks involve spamming links to online videos allegedly related to the event and prompting users to download malware disguised as a special codec or Flash player update, when attempting to view them.
Users are highly encouraged to only surf the Web with a reliable and up-to-date antivirus solution running on their systems. Some browser security extensions, such as NoScript for Firefox, might also help fend off many of these attacks, which usually rely on JavaScript to function.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
