Symantec Security Response researchers found that a search for “Pakistan prime minister assassination” led to a number of pages claiming to have video of the killing of Bhutto, who had returned from exile to again seek power.
The fake video displays what claims to be an ActiveX object error message, which infects PCs with a trojan, Vikram Thakur, Symantec Security Response researcher, said on a company blog.
“Following the link in the [pictured] image downloads a malicious file hosted on a server in Denmark. The malicious downloaded file is detected by Symantec products as Trojan.Emcodec,” Thakur said. “It just goes to show, even death isn't sacred to some.”
Bhutto was assassinated by a suicide bomber early Thursday morning after campaigning in Rawalpindi for parliamentary elections scheduled for Jan. 8. The former prime minister had returned to Pakistan in October, surviving an earlier attempt on her life upon her arrival.
Researchers at anti-virus vendor Trend Micro found a number of malicious websites taking advantage of PC users seeking news on the assassination via search engines.
Researchers at Websense also reported that malicious sites seeking to take advantage of the event had achieved high positions on prominent search engines.
The first site Websense researchers found was the second result in a Google search using “a generic and simple keyword,” according to a Websense alert, which added that the link did not prompt a warning from Google that the site may be malicious.