Boston bombings used as malware scam bait
From mashable
Just hours after the Boston Marathon bombings Monday, scammers were already using the tragedy to fuel their malware campaigns, according to a study by Romanian anti-virus firm Bitdefender.
The study found that the words “marathon,” “Boston” and “explosion” found their way into the subject headers of one out of every five spam messages in the hours and days following the event.
The use of news events to spread malware is nothing new for scammers. Just last month, scammers used the news of the pope’s installment as bait for email victims. Emails containing links to malware-laden sites were circulated with subject lines such as “New Pope Sued for Not Wearing Seatbelt in Popemobile.”
But this week’s spam strikes a more somber note. With subject headers such as “Aftermath to Explosion at Boston Marathon” and “Boston Explosion Caught on Video,” these emails aim to ensnare those looking for more information about the attacks.
According to Bitdefender’s Hot for Security blog, the emails contain links to malicious websites using URLs ending with “news.html” and “boston.html.”
When clicked, the links direct users to a seemingly innocuous YouTube page displaying videos of the bombings. But after a short delay, an executable file is activated and the malware installs itself on victims’ computers.
Bitdefender identified the malware as Trojan.GenericKDZ.14575, a component of the infamous RedKit browser exploit pack — the same malware that recently infected visitors to the NBC website.
The Trojan is a password stealer that can grab users’ account passwords directly from their browsers. The malware also monitors network traffic of infected computers and may be used to steal Bitcoin wallets, send emails and download other malware.
As TechNewsDaily reported in the hours following the Boston bombings, Internet users need to remain alert in the wake of major news events.
Be wary of unsolicited emails, even those you receive from friends. If you want to donate to victims, do so only through charity organizations you know and trust.
Last but not least, make sure your anti-virus software warns your Web browser about malicious links.
For more on this story go to: