The recent shock news of the death of Australian actor Heath Ledger is now being exploited by cyber-criminals hoping to entice fans to malicious sites when they do a search online with the actor’s name.
Within hours of the news, keying in the terms “heath” and “ledger” in an online search produced malicious URLs, according to security software company Trend Micro’s Research Project Manager Ivan Macalintal.
The warning, which was written on the Trend Micro blog site by Bernadette Irinco advises that if a reader clicks on one of the links, they will be re-directed to a site which requires them to download “a new version of ActiveX Object”. The software download is then the beginning of a series of redirections that end in the download of different malicious files.
“Upon deeper analysis, researchers find reason to believe that these malicious URLs are among those resulting from the suspected hacking of Web servers of a certain Czech hosting provider,” Irinco writes.
“Piggybacking on newsworthy events is not new. A month ago, malware authors also jumped on the assassination of Pakistan Prime Minister Benazir Bhutto. In this case, malware authors simply used news of Ledger’s death to jumpstart massive redirections as they know many people are wont to do searches on this hot news item.”
Indeed, within 12 hours of reports of the actor’s death, Heath Ledger was the top of the list of Google’s most used search terms.
Trend Micro says its Web Threat security software will protect users’ PCs from the risk.
Aussie-born Heath Ledger was found dead in his New York apartment yesterday at approximately 3pm local time, by his housekeeper.