SECURITY ALERT Bin Laden Suicide Virus - Latest Internet Hoax

Since 07-14-05


From: []
Sent: Thursday, July 14, 2005 10:43 AM
To: undisclosed-recipients
Subject: SECURITY ALERT Bin Laden Suicide Virus: Latest Internet Hoax


This trojan horse has been around since last year at this time but seems to be resurfacing once again.  Please note that the below article was posted on the Internet on July 26. 2004.

Bin Laden Suicide Virus: Latest Internet Hoax (resurfaced)

By Jeff Sommers
Part of the ECT News Network
07/26/04 10:10 AM PT

Last week's launch of the 'Bin Laden' virus is indicative of the ongoing wave of malicious activity launched on the Internet by virus writers. Graham Cluley, senior technology consultant for Sophos, remarked, "Thousands of messages have been posted onto Internet message boards and Usenet newsgroups claiming that journalists from CNN found the al-Qaida leader's hanged body earlier this year."
Why upgrade your technology?

Because great ideas deserve great technology. When you’re bringing ideas to life, your desktops, notebooks and servers should work with you, not against you. So why wait? Get new systems today and start creating tomorrow. CDW. The Mac Solutions You Need When You Need Them. 

An online security firm warned Saturday that the latest Internet virus was using spectacular claims about the death of terrorist leader Osama Bin Laden to trick people into infecting their own computers.British-based computer security group revealed that statements have also been posted on thousands of Internet message boards offering a link to information about the purported suicide of Osama Bin Laden, leader of the al-Qaeda terrorist network and the world's most wanted fugitive.

Internet Chat Rooms Spreading Virus

Thousands of rogue messages have been posted on Internet chat rooms in the past few days suggesting journalists have discovered the body of Bin Laden hanged.T he messages urge users to visit a Web site to view photos of Bin Laden, which they claim have been withheld by U.S. authorities while they confirm the identity of the body., has published a sample of the posted messages: "Osama Bin Ladin was found hanged by two CNN journalists early Wednesday evening. As evidence they took several photos, some of which I have included here. As yet, this information has not hit the headlines due to Bush wanting confirmation of his identity but the journalists have released some early photos over the Internet."

E-Mail Links to Trojan Horse Virus

Hackers are also sending e-mails supposedly containing evidence that Osama Bin Laden has committed suicide.The e-mails direct users to a Web site where a file containing photographs of the alleged suicide can be downloaded. In reality, however, when unsuspecting users click on the link purported to be for downloading photographs of Bin Laden's body, their computers are infected with a "Trojan horse" virus that gives the perpetrators access to, and control of the victim's computer. Graham Cluley, senior technology consultant for Sophos stated "Thousands of messages have been posted onto Internet message boards and Usenet newsgroups claiming that journalists from CNN found the al-Qaida leader's hanged body earlier this year."

Sophos: Ongoing Virus Attacks

Last week's 'Bin Laden' virus is emblematic of the ongoing wave of criminal acts launched on the Internet by computer hackers. Cluley also remarked, "Hackers and virus writers will try all kinds of tricks to entice people into downloading their malicious code. It seems this time that the hacker has focused on the public's morbid curiosity and appetite for news on the war against terror."In light of the Bin Laden hoax, security experts are warning anyone with a computer to be sure they have up-to-date anti-virus software to prevent themselves from becoming victims of this latest Trojan.

Emails with pictures of Osama Bin-Laden hanged are being sent and the moment that you open these emails your computer will crash and you will not be able to fix it!!!

This e-mail is being distributed through countries around the globe, but mainly in the US and Israel.

Don't be inconsiderate; send this warning to whomever you know.

Confirmed at:

Origins: There are few headlines that would grab the attention of more computer users around the world than "Osama bin Laden Captured," and that's exactly what whoever created this lure was counting on to snare unsuspecting victims who use Microsoft platforms.

"Osama bin Laden Captured" isn't a virus in itself; it's the text of a message that includes a link to a file called EXPLOIT.EXE. When a message recipient clicks on this link to view what he thinks are pictures of Osama bin Laden's capture, he can end up downloading an executable
Trojan known as Backdoor-AZU, BKDR_LARSLP.A, Download.Trojan, TrojanProxy.Win32.Small.b,or Win32.Slarp.  Clicking the embedded link in the "Osama bin Laden Captured" message auto-executes a file called "EXPLOIT.EXE," which exploits a known security hole to download the Trojan.

According to McAfee Security:

The Trojan opens a random port on the victim's machine. It sends the Port information to a webpage at IP address The Trojan listens on the open port for instructions and redirects traffic to other IP addresses. Spammers and hackers can take advantage of compromised systems by using the infected computer as a middleman, allowing them to pass information through it and remain anonymous.

Microsoft has made available updates that close the hole exploited by this Trojan.