Osama spreads virus

Dubai: Osama Bin Laden has risen from the dead to haunt the world - this time as a fast-spreading computer virus.

A seemingly innocuous Facebook message which contains the attention-grabbing headline - "Osama dead - censored video leaked" - has wreaked havoc in Dubai and across cyberspace.

Fast multiplying

"The virus multiplies exponentially - primarily because of Facebook being so popular," said Kazi Mohammad Akram, General Manager, Ras Infotech, a Dubai-based representative of F-Secure and M86 web content security firm. "It's early to tell the extent of the damage in the UAE as it assumes many forms," he added.

Finnish security company F-Secure first threw out an advisory about the virus on Monday, The FBI issued a similar warning on Wednesday.

"It's a comment-jacking scam in which every click or comment on this [Censored Osama video] Facebook post is hijacked and sent to everyone on your friends list. We're expecting various flavours of this scam to continue spreading in the next few days - including search engine poisoning and malicious spam e-mails," said Akram, advising people not to open unsolicited emails. "Go to safe websites only for news or information," he cautioned.

Bin Laden's death on May 1 meant millions of hits on the internet - giving virus makers the perfect opportunity to infect computer users.

Hackers poison search engines by creating websites using ‘hot topic' search words - such as "Osama" or "Bin Laden" - that then download malicious code when clicked.

Ryan S., a Dubai-based logistics executive said: "I've seen many online friends auto-posting the link on their profile. In one day alone I must have deleted over 150 such posts."

But apparently, the virus with a password-nicking payload mutates by the day and clicking on the image continues to unleash untold misery. Yesterday, a virus variation - "Laden is holding a newspaper with today's date" - made the rounds on social networks.

Hackers have used Bin Laden's name before. In 2004, spammers that gave links to photographs of Bin Laden's "suicide" conned users into opening a file that installed a Trojan which gave the attacker control over a compromised computer. In 2005, a message that purportedly offered TV grabs of Bin Laden's "capture" contained in a ZIP file actually contained a version of "Psyme", which steals user names and passwords.

Caution

• Don't open a URL address posted by a friend on Facebook that claims to contain a video of Osama Bin Laden being killed
• Don't open emails or download software to view such videos even if it's sent by someone you know
• Adjust the privacy settings on social networking sites you frequent to make it more difficult for people you know and do not know to post content to your page
• Keep your anti-virus programme up to date