Cybercriminals Capitalize on Boston Marathon Bombing
Cybercriminals have exploited Monday's explosion at the Boston Marathon to spread chaos online. Within just 24 hours of the tragic incident, Trend Micro observed an outbreak of more than 9,000 Blackhole Exploit Kit spammed messages, all related to the disaster. Some of the spammed messages used subjects including (but not limited to) "2 Explosions at Boston Marathon", "Aftermath to explosion at Boston Marathon", or "Video of Explosion at the Boston Marathon 2013".
The unsolicited message contains only a URL, which directs unsuspecting users to download a malicious file detected as WORM_KELIHOS.NB in a drive-by-download attack. This malware can not only spread as a worm via removable drives but can also steal FTP credentials.
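A mail-filter heuristic for the message shape described above (one of the quoted subject lines plus a body that holds nothing but a URL), as an added example that is not Trend Micro's detection logic. The function names and the two sample messages are constructed for illustration, and the hosts use reserved example names.

```python
import re
from email import message_from_string
from email.message import Message

# Subject lines quoted in the article; matched case-insensitively.
LURE_SUBJECTS = (
    "2 Explosions at Boston Marathon",
    "Aftermath to explosion at Boston Marathon",
    "Video of Explosion at the Boston Marathon 2013",
)
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)

# Constructed sample messages (not real campaign mail).
SPAM = ("From: a@example.com\nSubject: Aftermath to explosion at Boston Marathon\n"
        "\nhttp://host.example/news.html\n")
HAM = ("From: b@example.org\nSubject: Boston Marathon road closures\n"
       "\nRoutes are listed at https://city.example/closures for Monday.\n")


def plain_body(msg: Message) -> str:
    """Return the concatenated text/plain parts of a message."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    chunks = []
    for part in parts:
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            chunks.append(payload.decode(charset, "replace"))
    return "\n".join(chunks)


def is_url_only(body: str) -> bool:
    """True when the body holds at least one URL and no other text."""
    return bool(URL_RE.findall(body)) and URL_RE.sub("", body).strip() == ""


def score(raw: str) -> dict:
    """Flag a raw RFC 5322 message that matches both campaign traits."""
    msg = message_from_string(raw)
    # Collapse folded header whitespace before comparing.
    subject = " ".join(str(msg.get("Subject", "")).split()).lower()
    lure = any(s.lower() in subject for s in LURE_SUBJECTS)
    url_only = is_url_only(plain_body(msg))
    return {"lure_subject": lure, "url_only_body": url_only,
            "quarantine": lure and url_only}
```

Requiring both traits keeps legitimate news mail about the event, which usually carries text around its links, out of quarantine.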
Trend Micro has noted a significant number of malicious URLs gathered via the Trend Micro Smart Protection Network related to the Boston Marathon explosions, with the United States leading the pack among the other countries monitored.
Trend Micro is advising Internet users to:
- Verify the source – Check whether the sender of the email is known to you. Discard the email if the source is unknown. If the sender is someone you know and the message requests personal information, try to verify the request with the sender through a different medium.
- Examine the URL – Double-check the links contained in email messages. Check the URL in the browser address bar and make sure that you are on the right website.
- Handle attachments with caution – Refrain from opening attachments contained in emails from unknown sources. The attachment is likely to be a malicious file which, when opened, will be installed on your system.
- Read between the lines – Check the text of the email message for grammar lapses, strange wordings, and other errors. Also, observe the quality of the images in the message, as these are likely to be of low quality if they are sent by fraudulent users.
- Check with a techie friend – If you are still in doubt about the integrity of a certain message or website, seek the assistance of a techie friend and ask for ways to verify it.
Source: Trend Micro Blog