Bhutto's Assassination Makes Victims in the Virtual World

Yesterday, the news of the former Prime Minister Benazir Bhutto's assassination represented the hottest subject on the web, as all the people wanted to find out more details on this topic. Being such a popular subject, the attackers quickly adapted their malicious attempts and created several malicious websites supposed to deploy infections on visitors' computers. Security company Trend Micro discovered lots of infected pages, all of them indexed by Google and returned for the "benazir" search query.

According to a blog post published by Mayee Corpin of Trend Micro, some websites were infected with JS_AGENT.AEVE, a dangerous JavaScript that could be deployed once the user fully loads the page.

"The malicious script downloads a Trojan (already detected TROJ_SMALL.LDZ), which in turn downloads more malicious files, namely WORM_HITAPOP.O and TROJ_AGENT.AFFR", the Trend Micro official wrote.

"Moreover, the malicious JavaScript is apparently not exclusive to news sites - it is also present embedded in other websites with a broad scope of topics and interests. There are many other sites that have been possibly compromised (or that include the malicious JavaScript), including Autoworld, Vino, Dogpile, MSN, BlogSpot (yes, again), etc."

Hackers have always been up-to-date with the latest popular news subjects and events, as they've always attempted to adapt their scams to the most attractive topics. Take for example Christmas, when lots of spammers sent million of unsolicited messages containing season greetings or ecards to a huge number of inboxes.

And what's worse is that they usually contain URLs or attachments leading the users to computer infections able to steal passwords and login credentials. Moreover, a number of infections are meant to provide full control over the affected system, which permits access to any piece of data stored on your computer.

As usual, it's better to avoid visiting suspect websites that may attempt to deploy malicious files on your computer. In addition, apply the latest definitions for your antivirus solution.