Johnny Depp is not dead, but hackers exploit false Twitter rumors

January 25, 2010 Sophos Press Release

IT security and data protection firm Sophos is warning that hackers have exploited false news reports that actor Johnny Depp had died in a drunken car crash to spread malware.

Innocent computer users forwarded what they believed to be breaking news of Depp's death on a roadside outside Bordeaux, France, to their friends spreading the bogus news via Twitter and Facebook.

However, as the rumor that Depp was dead spread like wildfire, hackers exploited the situation, creating webpages that claimed to contain video footage of the car crash - but were really designed to infect visiting computers with a Trojan horse.

According to Sophos, hackers have been creating malicious webpages and stuffing them with keywords related to Johnny Depp's alleged death, taking advantage of the fact that many people are currently searching the internet for further information or confirmation (one way or the other) as to whether Depp is alive or not.

"Twitter was swamped over the weekend with 'news' of Depp's supposed death - making 'RIP Johnny Depp' one of the hottest trending topics. For a while it was also the second most popular search term on Google. The rumour gained such momentum that it was impossible to stamp out the hoax," said Graham Cluley, senior technology consultant at Sophos. "The original webpage containing the bogus CNN report was nothing more than a sick joke, but the pages containing the Trojan horse prove that cold-hearted hackers are never slow to make the most out of an opportunity, and were eager to infect as many of Depp's fans as possible."

Sophos detects the malware, which poses as an ActiveX codec needed to watch the video on the infected webpage, as Troj/Dldr-DB. Users are advised to ensure that they are running up-to-date anti-virus protection, and check with their security vendor that it detects the malware.

Sophos notes that Johnny Depp is not the first celebrity to have had their bogus death exploited by hackers. In the past Harry Potter actress Emma Watson and rapper Kanye West have both had fake stories distributed claiming that they died in car crashes, and actors Jeff Goldblum and Tom Cruise have been the subjects of false claims that they fell off a cliff while filming.

"Hackers have a taste for the macabre - feeding off the public's interest in celebrity deaths as well as sex scandals," explained Cluley.

"Even if, as in this case, the story isn't true they can take advantage of the wave of interest in a possible death and use it to infect as many computers as possible. Computer users should always check the news on legitimate news websites, and be wary of downloading unknown code onto their PCs."

More information about this threat is available on Graham Cluley's blog.