Australian link to Michael Jackson spam campaign
A Michael Jackson spam storm has infiltrated websites around the world.
In Sydney, cyber-criminals hacked into a web server that services Beatz Radio, a weekly dance music show on FM 99.3. The hackers allegedly used the site to host a file claiming to provide previously unseen videos and pictures of Jackson.
The file was in fact a password-stealing trojan. Links to a fake YouTube clip were then sprayed out across the world as part of an e-mail spam campaign that sought to exploit the outpouring of grief after Jackson’s death last week.
Beatz Radio chief Tim Little had no idea what had happened until he was contacted by the Australian Computer Emergency Response Team. It informed him some security groups and search engines had blacklisted his site, he said. He has now removed the malware.
“Our site has been hacked twice and it has only just gone live today,” Little said. “The first time it got hacked they actually put pictures of dead babies and it was all in Turkish, which was quite concerning – but luckily the site wasn’t open to the public.”
Jay Liew, security researcher at WebSense security labs in the US, which discovered the Australian link in the Jackson spam campaign, said cases of innocent websites being hijacked by cyber-criminals were frighteningly common.
“If you’re an independent radio station … you wouldn’t have a huge budget to manage your security, so unless you’re really technical and know how to lock down your server, you’re susceptible to all these attacks from bad guys,” Liew said.
This entry was posted on Thursday, July 2nd, 2009 at 1:18 pm .You can follow any responses to this entry through the RSS 2.0 feed.