Cybercriminals Take Advantage of MJ Death
When news of Michael Jackson’s sudden death first came to light in late June, millions of fans went to their computers to find out more. USA Today reports that those same fans may have fallen victim to vicious cyber attacks and spam campaigns, perpetuated by professional cybercriminals.
When Michael Jackson died on June 25, his fans mourned — and cybercriminals swung into action.
Within 38 hours, they forged alliances with familiar partners to trigger global spam campaigns that capitalized on the singer’s death.
That was a potent reminder of the dangers that computer-savvy lawbreakers pose in a world that increasingly depends on the Internet for communications and commerce.
If you received unsolicited emails about Jackson’s death, or if you clicked on suspicious links or pop-ups, your sensitive information may be at risk. Be smart when you’re surfing the net! Read the specific details of their spam campaigns:
By dawn on Saturday, a top botnet gang, Waledac, had a client: a well-known online drug retailer, GlavMed.com, also known as Canadian Pharmacy, Cisco senior researcher Henry Stern says.
The Waledac gang began deploying thousands of bots to spam out millions of e-mails with Web links purportedly leading to news about Jackson, he says. But the links actually redirected recipients to websites affiliated with GlavMed that sold sexual-performance drugs and pain killers.
A few hours later, another major botnet gang, known as Rustock, also blasted out Jackson-themed spam for GlavMed’s online shopping sites.
“Rustock is run by a different group of criminals, but here it was spamming the same e-mails as Waledac on behalf of a common client,” Peterson says.
A week after Jackson’s death, criminals out to steal sensitive data or hijack online financial accounts began to move in. A major botnet gang called Pushdo launched a large-scale spamming campaign with enticing messages including: “Who killed Michael Jackson? Visit X-Files to see the answer.” A Web link followed.
Clicking on it triggered what’s known as a “drive-by download.” The attacking bot scans for security holes in popular applications such as Internet Explorer, QuickTime and Adobe Acrobat Reader.