Spammers Start Campaigns Exploiting Boston Marathon Blasts

Soon as people across the globe came to know about the bomb blasts at the marathon race in Boston on 15th April, 2013, Kaspersky the security company issued an alert urging Internauts for being wary of malicious campaigns designed to exploit the incidence.

Kaspersky's researchers just detected waves of spam mails bearing the caption "Explosion at Boston Marathon" else "2 Explosions at Boston Marathon."

There are also web-links inside the messages which seemingly lead onto an archive labeled "news.html."

If anyone believes the e-mail and follows the web-links as directed it'll most certainly lead him onto a site, which exhibits video footages from YouTube on the blasts. Although the clips as such aren't malicious, yet following a 60-sec waiting time-period, a message appears on the site asking users to take down certain 'boston.avi____exe' executable file.

When executed, this file attempts at linking up with many IP addresses hosted at Taiwan, Ukraine and Argentina.

According to the Kaspersky researchers, they've identified the malware as 'Trojan-PSW.Win32.Tepfer.'

ISC (Internet Storm Center) of the SANS Technology Institute too advises Internet-users to be careful of bogus URLs created soon after Boston became prey of the attack.

Security Expert John Bambenek with ISC in his remark about the sad occurrence posted online that merely hrs following the Boston assault, some 125 potentially bogus URLs were created and those counted up to 234 currently. A few of the URLs were merely parked URLs, while a few belonged to squatters who were preventing con guys from reaching the same. Hitherto, no information had come about any spam associated with that; however, there'd been some false accounts on Twitter that were pretty fast getting squashed, Bambenek analyzed. ISC.sans.edu published this dated 16th April 2013.

Therefore, during events similar to the above, the standard suggestion is that people wishing towards donating must do essential investigations into charitable websites to determine their genuineness.

Moreover, AVG adds that web-links coming through unsolicited e-mails shouldn't be clicked if the messages come from unknown sources however real they may appear. Besides, computer operators must ensure they've updated AV software as fresh malware keeps arising nearly daily.

Related article: Spammers Target Church and Charity

» SPAMfighter News - 4/22/2013