If you turn to Google to find information on the assassination of former Pakistan Prime Minister Benazir Bhutto, chances are you will land on a Web site rigged with malicious exploits.
Within hours of Bhutto’s death, researchers at Websense Security Labs discovered several Web sites capitalizing on the breaking news surrounding Bhutto’s death, including one that was high on Google’s results for the generic “benazir” search query.
An alert from Websense Security Labs noted that a malicious Google result for a “generic and simple keyword” is likely to receive large amounts of traffic.
Google usually flags malicious search results with a warning that reads “This site may harm your computer” but, in this case, there is no such warning.
The use of major news events or holiday activity has been a successful tactic for social engineering malware. [ See Techmeme discussion ]
According to an advisory from anti-virus vendor Trend Micro, one of the malicious sites taking advantage of the Bhutto assassination news is serving up a script that downloads a Trojan capable of loading multiple executables on Windows computers.
“TrendLabs found that there is a host of other news sites and blogs taking advantage of this news,” it added.
The “Storm Worm” Trojan has also used holiday-themed social engineering attacks to seed one of the most notorious botnets.