
Boston Aftermath

Michael
Kaspersky Lab Expert
Posted April 17, 04:02  GMT
Tags: Spam Letters, Social Engineering, Malvertizing

While many are still in shock after the Boston Marathon bombings on 16 April, it didn't take long for cyber criminals to abuse that tragic incident for their dirty deeds.



Today we have already started receiving emails containing links to malicious locations with names like "news.html". These pages contain URLs of non-malicious YouTube clips covering the recent event. After a delay of 60 seconds, another link leading to an executable file is activated.
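A triage check for the lure-page behaviour described above, added here as an example (not Kaspersky Lab's code): it flags pages that pair YouTube embeds with a timed redirect to an executable file. The post does not say how the delayed link is implemented; the meta-refresh mechanism, the extension list, `scan_page` and the sample page are assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

EXEC_EXT = (".exe", ".scr", ".pif", ".com")  # assumed list of executable extensions
# Parses the content attribute of a meta refresh tag: "<seconds>; url=<target>"
REFRESH_RE = re.compile(
    r"^\s*(\d+(?:\.\d+)?)\s*[;,]\s*(?:url\s*=\s*)?['\"]?(.+?)['\"]?\s*$", re.I)

class LureScanner(HTMLParser):
    """Collects YouTube embeds/links and timed meta-refresh targets from one page."""
    def __init__(self):
        super().__init__()
        self.video_embeds = []   # benign-looking decoy content
        self.timed_targets = []  # (delay_seconds, url) pairs

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag in ("iframe", "embed", "a"):
            url = a.get("src") or a.get("href") or ""
            host = urlparse(url).hostname or ""
            if host == "youtube.com" or host.endswith(".youtube.com"):
                self.video_embeds.append(url)
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            m = REFRESH_RE.match(a.get("content", ""))
            if m:
                self.timed_targets.append((float(m.group(1)), m.group(2)))

def scan_page(html, min_delay=5.0):
    """Return one finding per delayed navigation that targets an executable."""
    p = LureScanner()
    p.feed(html)
    findings = []
    for delay, url in p.timed_targets:
        path = urlparse(url).path.lower()
        if delay >= min_delay and path.endswith(EXEC_EXT):
            findings.append({"delay": delay, "url": url,
                             "decoy_videos": len(p.video_embeds)})
    return findings

# Constructed sample page (not taken from the campaign); example.test is a placeholder.
SAMPLE = """<html><body>
<iframe src="http://www.youtube.com/embed/XXXXXXXXXXX"></iframe>
<meta http-equiv="refresh" content="60; url=http://example.test/video.exe">
</body></html>"""

if __name__ == "__main__":
    for finding in scan_page(SAMPLE):
        print(finding)
```

A hit from a mail gateway or proxy that stores fetched pages is a lead for analysis, not a verdict; delayed loads done in script or through nested frames need a rendering sandbox to observe.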



The malware, once running on an infected machine, tries to connect to several IP addresses in Ukraine, Argentina and Taiwan.
Kaspersky Lab detects this threat as "Trojan-PSW.Win32.Tepfer.*".

MD5sums of some of the collected samples:
5EA646FFDC1E9BC7759FDFC926DE7660
959E2DCAD471C86B4FDCF824A6A502DC

Our thoughts and prayers are with our colleagues in Massachusetts and others affected by the tragic events in Boston.


1 comment

mark117

2013 Apr 20, 10:10

Boston Aftermath

Hi Michael

It really does just go to show that the people who are behind the scams are really just heartless b st$*~@.

I am from the U.K. and my heartfelt wishes go out to all the people and families who were there on that tragic day, and to the people who have lost loved ones and children in the attack.
It was only a marathon and it was meant to be a fun day for the organizers and the people that went. It's just a sad day when you can't even run a marathon for fun/charity without the worry that you will/could be blown up for having some fun. As I say, my thoughts go out to the families/loved ones/friends of the people injured.

Cybercriminals never sleep and do not care about tragedy the way we do, or they would have never made up these e-mails, let alone send malicious software along with it.
Thank You
mark117
