Boston bombing spam attack morphs into Texas explosion spam attack

Print Friendly, PDF & Email

By Dave Michmerhuizen – Research Scientist, Luis Chapetti – Security Researcher

Just days ago malware distributors seized on the horrific bombing at the Boston Marathon to send out attack spam that offered videos but delivered a malicious Java download. At Barracuda Labs we've seen waves of this spam followed by something even worse – the spammers are now exploiting the desire for news about the recent fertilizer plant explosion in the town of West, Texas.  Similar to the Boston bombing spams, these messages are just a subject line such as “Raw: Texas Explosion Injures Dozens” and a hyperlink such as http://186.34.217.{deleted}/texas.html.

 

Do Not click on any of these links!! Clicking on such a link pulls up Youtube video previews and then loads an attack page from a hacked website elsewhere on the internet. The attack page automatically delivers a Java attack against the browser. Once you see the video previews, it's already too late. If successful, the attack installs malware which intercepts internet traffic looking for passwords and other sensitive information. This is a very high volume campaign which is using dozen's of IPs and compromised sites and swapping in new ones as existing ones are discovered and shut down. Be safe and get your news directly from trusted sources – not from unsolicited email links.

Scroll to top
Tweet
Share
Share