Photo credit: Reuters
As the nation prepares for today’s historic inauguration of President-elect Barack Obama, antivirus vendors are gearing up for a flood of spam and malware-laden Web sites that aim to capitalize on the event.
“We’ll see a notable amount of spam coming through connected to the inauguration,” Lysa Myers, director of research at antivirus vendor West Coast Labs, told InternetNews.com. “There will be a lot of things like sites hosting what’s supposed to be a video of the inauguration, and they’ll try to get visitors to download some sort of malware in order to view videos.”
The attacks are already on their way. One effort combines a fake Web site and misleading links that lead to sites containing malware. The site, superobamadirect.com, is designed almost identically to Obama’s own site and contains links purporting to lead to news stories. Instead, they direct visitors to malware.
It’s a common style of attack for malware distributors. Attackers routinely seed blogs and blog comments with links that claim to lead to news or videos about major world news or celebrities, seeking to parlay their topic into clicks and higher search engine positioning. That’s in addition to the age-old methods of sending those links in e-mail spam. In either case, instead of going to news, the links send clickers to Web sites hosting malware.
Using a similar approach, hackers hit professional networking site LinkedIn, recently putting up a fake profile with links claiming to take visitors to nude videos of a celebrity. Clicking on the links instead redirected visitors to a site containing malware.
They also hit Google (NASDAQ: GOOG) Blogspot, putting up celebrity-related blogs with links that take visitors to sites offering malware posing as antivirus software — a category of malware known as scareware.
The war has begun
Stephan Chenette, manager of security research at Web security products vendor Websense, told InternetNews.com that he’s seeing evidence that malware authors are ramping up other inauguration-related attacks, like sending messages that contain links to scareware-hosting Web sites. Their attacks also include spamming blogs and blog comments with links, which Chenette calls “Webspam.”
Chenette predicted that Obama’s supporters will be especially exposed to the threat because of their heavy online activity.
“Barack Obama’s fan base are extreme users of the Web,” he said. “They’re used to blogging, reading blogs and comments, and clicking on links.”