Why Hackers take advantage of global events

Martin Brinkmann
Dec 29, 2007
Updated • Dec 7, 2012
Security
|
0

Hundreds of websites have been prepared or compromised to take advantage of the Benazir Bhutto Assassination in Pakistan. Users searching for news on the assassination using search engines like Google or Yahoo might land on a website that has been specially prepared to download Javascript code that in turn downloads additional malicious software to the host PC.

The discovery was first reported by Websense on their website and several anti-virus applications have already been updated to counter this attack.

The interesting aspect in my opinion is that hackers are very quick to react on global events that trigger lots of searches for a specific subject in a short time. It took them less than 24 hours to prepare hundreds of websites with the malicious Javascript code and make it into the top 10 for several related search terms.

The Why is obvious. There is always a massive increase in searches when events that are of global interest happen. This can be assassinations, wars or catastrophes for example. The more users search for a subject the higher the chance that they will land on a prepared website.

ADVERTISEMENT

Protecting yourself:

Here are some thoughts on how to protect your computer from falling into this trap.

  • Use the excellent Firefox add-on NoScript which disables Javascript on all websites except on those that you whitelist.
  • Visit trustworthy news websites only. The problem here is that you might miss good articles written by bloggers or new websites who rank highly on a subject. If you have to visit those sites be prepared. Turn of Javascript and other scripting languages before you visit those sites.
  • Keep your operating system updated. This is one of the most important rules. Update your system with the latest security patches
  • Don't use Internet Explorer. Switch to another browser for increased security
  • Don't log into Windows as an administrator

Can you think of anything else ? You could use a virtual PC or a tool like Sandboxie whenever you surf the Internet.

Advertisement

Related content

macos TCC

Microsoft says Powerdir vulnerability in macOS could have given attackers access to user data
Avira Crypto

Avira is adding a crypto miner to its products as well
keepass password safe 2.50

KeePass 2.50 speeds up key derivation functions significantly
LastPass Logo

LastPass: some users report compromised accounts
bitdefender antivirus free

Bitdefender Free will be retired on December 31, 2021

0Patch has a patch for Windows "InstallerFileTakeOver" 0-day vulnerability, Microsoft has none

Previous Post: «
Next Post: «

Comments

There are no comments on this post yet, be the first one to share your thoughts!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Ghacks Newsletter Sign Up

Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up

Advertisement

Popular Posts

Advertisement

Recently Updated

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2022 - All rights reserved