Black Hat search engine optimization has reared its ugly head once again with the news of Osama Bin Laden's death. Facebook and Google users have been targeted by phishing scams and Trojan installers referencing the news. This time there is a new wrinkle: Mac users are being targeted.
Security researchers at Kaspersky Lab and Sophos Naked Security issued separate warnings on May 2, noting that these types of scams prey on almost any viral news story: the insatiable appetite for information dulls people's normal common sense against clicking on suspicious links that promise something incredible. Viral news events have become the breeding ground for "Zero Day" Black Hat SEO.
Kaspersky found that Mac computers are being targeted this time around as well. Hackers often do not bother writing code for the Mac because the payoff is not worth it. The general adage is that criminals go where bountiful and rich information is available, and writing code for Windows was a much more efficient way to capture information. This round of phishing and hacks targets Mac installers through the trusted files system in Safari.
Hackers know Zero Day vulnerabilities as the aces up their sleeves. Security companies are constantly updating their databases, feeding in user information and using honey pots to catch hackers' code and update their blacklists. Once a piece of code is in a security company's database, it is not long before a fix against the malicious code is sent out and the hacker goes back to tweak the program to get around the fix. It is a never-ending dance.
Zero Day vulnerabilities are the new and powerful pieces of code that hackers keep in reserve because the code is not in any of the security companies' systems. Hence the term Zero Day: there have been zero days in which this code has been exposed to a potential security fix.
In the last several years, viral news has become a new way for scammers and spammers to trap consumers. Large breaking news stories, like the earthquakes in Haiti and Japan, the election of Barack Obama as president and the death of Bin Laden, have become breeding grounds for hackers to catch users in their nets. As more people come online and become more sophisticated in avoiding traditional phishing schemes, the hackers are also developing newer ways to prey on our consciousness, whether that be a tweet that looks like it could be from a legitimate person (as opposed to a person-like bot) or preying on the emotions of people who just want to spread good or bad news.
It is one of the oldest tricks in history. When people are at their lowest, the cons will take the most advantage.
Hence, every time there is viral news, it is a new Zero Day gift thrown into the laps of the Black Hat SEO scammers.
The Windows rogueware is a Trojan known as Trojan.Win32.FakeAV.cvoo and comes as "Best Antivirus 2011."