IT security and data protection firm Sophos is warning that
hackers have exploited false news reports that actor Johnny Depp
had died in a drunken car crash to spread malware.
Innocent computer users forwarded what they believed to be
breaking news of Depp's death on a roadside outside Bordeaux,
France, to their friends spreading the bogus news via Twitter and
Facebook.
However, as the rumor that Depp was dead spread like wildfire,
hackers exploited the situation, creating webpages that claimed to
contain video footage of the car crash - but were really designed
to infect visiting computers with a Trojan horse.
According to Sophos, hackers have been creating malicious
webpages and stuffing them with keywords related to Johnny Depp's
alleged death, taking advantage of the fact that many people are
currently searching the internet for further information or
confirmation (one way or the other) as to whether Depp is alive or
not.
"Twitter was swamped over the weekend with 'news' of Depp's
supposed death - making 'RIP Johnny Depp' one of the hottest
trending topics. For a while it was also the second most popular
search term on Google. The rumour gained such momentum that it was
impossible to stamp out the hoax," said Graham
Cluley, senior technology consultant at Sophos. "The original
webpage containing the bogus CNN report was nothing more than a
sick joke, but the pages containing the Trojan horse prove that
cold-hearted hackers are never slow to make the most out of an
opportunity, and were eager to infect as many of Depp's fans as
possible."
Sophos detects the malware, which poses as an ActiveX codec
needed to watch the video on the infected webpage, as Troj/Dldr-DB.
Users are advised to ensure that they are running up-to-date
anti-virus protection, and check with their security vendor that it
detects the malware.
Sophos notes that Johnny Depp is not the first celebrity to have
had their bogus death exploited by hackers. In the past Harry
Potter actress Emma Watson and rapper Kanye West have both had fake
stories distributed claiming that they died in car crashes, and
actors Jeff Goldblum and Tom Cruise have been the subjects of false
claims that they fell off a cliff while filming.
"Hackers have a taste for the macabre - feeding off the public's
interest in celebrity deaths as well as sex scandals," explained
Cluley.
"Even if, as in this case, the story isn't true they can take
advantage of the wave of interest in a possible death and use it to
infect as many computers as possible. Computer users should always
check the news on legitimate news websites, and be wary of
downloading unknown code onto their PCs."
More information about this threat is available on
Graham Cluley's blog.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.