The Pakistani IT worker who unknowingly live-Tweeted the military operation that killed Osama bin Laden has now become the victim of a cybercriminal attack.
Sohaib Athar rose up the Internet ranks after he posted a series of tweets late Sunday night (May 1) of a helicopter attack on a compound near his home in Abbottabad, Pakistan. The attack, it turned out, was the one that killed Osama bin Laden.
Athar becomes trusted source
In the days since President Barack Obama announced bin Laden's death, Athar's Twitter feed, @ReallyVirtual has blown up, and become a go-to source for several major news outlets looking to figure out details of the incident as they happened.
Now, the security firm Websense reports that Reallyvirtual.com, Athar's website, has been hacked.
The attackers infected Athar's website with the Blackhole exploit kit, a malicious Russian-developed malware program that targets vulnerabilities in Java and Adobe programs. (Blackhole was used in an attack against the United States Postal Service last month.)
The source turns scary
Although his Twitter feed, @ReallyVirtual, remains healthy and intact, the hack has already caused problems on a major scale. Several news stories, including ones filed by CNN and the New York Times, reference -- and even include links to -- Athar's now-popular Twitter page.
The danger lies in the fact that Athar's website -- the one now compromised -- is included as a hyperlink on his Twitter page.
The clever approach of the hack, Websense wrote, puts people trying to follow "one of the most highly visible stories in the world" a mere "two clicks" away from a dangerous and harmful website.
These hacks are routine
This kind of cybercriminal hijacking is no surprise. Any time there's a news story of global interest, online criminals are looking for a unique way to prey on the massive Web traffic related to it.
This morning (May 3), the security firm F-Secure found a file called Fotos_Osama_Bin_Laden.zip attached to an email spam message. The malicious attachment will not show you pictures of bin Laden, but downloading it will infect your computer with a Trojan that can steal your bank account credentials.
To stay safe while searching the Web for information about bin Laden's death, never open unsolicited emails or suspicious attachments, and stay away from links -- especially ones spread through Facebook and Twitter -- that claim to have pictures or video footage related to the incident.