Hackers Pounce on Benazir Bhutto Assassination News
Security Watch
SHARE
Facebook X Pinterest WhatsApp

Hackers Pounce on Benazir Bhutto Assassination News

Written By
Ryan Naraine
Ryan Naraine
Dec 28, 2007
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

If you turn to Google to find information on the assassination of former Pakistan Prime Minister Benazir Bhutto, chances are you will land on a Web site rigged with malicious exploits.

Within hours of Bhutto’s death, researchers at Websense Security Labs discovered several Web sites capitalizing on the breaking news surrounding Bhutto’s death, including one that was high on Google’s results for the generic “benazir” search query.

At 11:00 a.m. on Dec. 28, one of the top three results on Google for the “benazir” search query was serving up a JavaScript redirect to a Web site attempting to load a Trojan downloader on Windows machines.

An alert from Websense Security Labs noted that a malicious Google result for a “generic and simple keyword” is likely to receive large amounts of traffic.

Google usually flags malicious search results with a warning that reads “This site may harm your computer” but, in this case, there is no such warning.

The use of major news events or holiday activity has been a successful tactic for social engineering malware. [ See Techmeme discussion ]

According to an advisory from anti-virus vendor Trend Micro, one of the malicious sites taking advantage of the Bhutto assassination news is serving up a script that downloads a Trojan capable of loading multiple executables on Windows computers.

“TrendLabs found that there is a host of other news sites and blogs taking advantage of this news,” it added.

The company said the malicious JavaScript is not exclusive to news sites. “It is also present embedded in other Web sites with a broad scope of topics and interests. There are many other sites that have been possibly compromised (or that include the malicious JavaScript), including Autoworld, Vino, Dogpile, MSN and Google’s BlogSpot.”

According to Trend Micro researcher Paul Ferguson, searching for this same malicious JavaScript code URL (the malicious script) yields 4,240 results. If the search is narrowed down to also include “benazir,” there would be only 103 results.

The “Storm Worm” Trojan has also used holiday-themed social engineering attacks to seed one of the most notorious botnets.
Ryan Naraine
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information