The Boston bombing claimed the lives of three innocent people on Monday , this tragic
incident is is already being used by cybercriminals in an attempt to lure people into clicking malicious links embedded in emails with subject lines related to the bombing. In SpamTitan quarantine reports some of the email titles we have been seeing include “Boston Explosion caught on video “or “Explosion at Boston Marathon containing links that suggest they are pointing to news websites. Unsuspecting users that click on the links are taken to a page that displays YouTube videos covering the bombings.
While there’s nothing malicious about the clips themselves, after a 60-second delay, the website prompts victims to download an executable file called “boston.avi____exe”. Once it infects a computer, this piece of malware attempts to connect to several IP addresses in Taiwan, Argentina and Ukraine. SpamTitan users are protected from these type of attacks. SpamTitan blocks the attack using multi-level detection including Antispam, Baysean analysis, antivirus (AV). The double antivirus in SpamTitan detects the downloaded file and isolates.