Security Corner

Apr 17 2013   3:04PM GMT

Despicable cyber-slugs exploiting Boston Marathon bombing with Trojan attack

Ken Harthun

Despicable, but it’s always inevitable in the wake of any human tragedy. Cyberslugs (I won’t elevate them to cybercriminal status, though they are certainly criminals) are using the Boston Marathon bombing to spread malware. Spam emails claim to contain a link to video of the bombing. The links vary but take you to a website that attempts to infect your computer with a Trojan horse. The videos are, in fact, real YouTube videos that disguise the malicious activity.

Subject lines of the emails vary, but include:

  • 2 Explosions at Boston Marathon
  • Aftermath to explosion at Boston Marathon
  • Boston Explosion Caught on Video
  • Video of Explosion at the Boston Marathon 2013

According to Sophos’s blog, Naked Security:

If installed, the malware makes changes to the Registry and installs the following files, allowing hackers to gain remote access to infected computers:

<System>\drivers\npf.sys
<System>\Packet.dll
<System>\wpcap.dll

The file NPF.sys is registered as a new service named “NPF”, with a display name of “WinPcap Packet Driver (NPF)”.

Never accept “news” from anything other than legitimate news sources, and especially not from unsolicited emails.
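
A triage check for the artifacts named in the Sophos quote above, as an added example that is not from the original post or from Sophos. It assumes "<System>" means the Windows system directory and that the service is registered under the standard Services registry key; WinPcap is also legitimate packet-capture software, so a match is a lead to investigate rather than proof of infection.

```powershell
# Added example: look for the files and service named in the Sophos quote.
# Run from an elevated prompt; a hit needs follow-up, it is not a verdict.
param(
    # Assumption: "<System>" in the quote is the Windows system directory.
    [string]$SystemDir = [Environment]::SystemDirectory
)

$files               = 'drivers\npf.sys', 'Packet.dll', 'wpcap.dll'
$expectedDisplayName = 'WinPcap Packet Driver (NPF)'
$serviceKey          = 'HKLM:\SYSTEM\CurrentControlSet\Services\NPF'

# Collect triage data (timestamp, hash, signature) for each file that exists.
$findings = foreach ($relative in $files) {
    $path = Join-Path $SystemDir $relative
    if (Test-Path -LiteralPath $path -PathType Leaf) {
        $item = Get-Item -LiteralPath $path -Force
        $sig  = Get-AuthenticodeSignature -LiteralPath $path
        [pscustomobject]@{
            Artifact   = $path
            CreatedUtc = $item.CreationTimeUtc
            SHA256     = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
            Signature  = $sig.Status
            Signer     = $sig.SignerCertificate.Subject
        }
    }
}

# Services, kernel drivers included, are registered under this registry key.
$svc = Get-ItemProperty -LiteralPath $serviceKey -ErrorAction SilentlyContinue
$service = if ($svc) {
    [pscustomobject]@{
        Artifact      = $serviceKey
        DisplayName   = $svc.DisplayName
        ImagePath     = $svc.ImagePath
        MatchesReport = ($svc.DisplayName -eq $expectedDisplayName)
    }
}

if (-not $findings -and -not $service) {
    'None of the listed files or the NPF service key were found.'
} else {
    $findings | Format-List
    $service  | Format-List
    'Compare the creation times with any known install of a packet-capture tool before drawing conclusions.'
}
```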

1  Comment on this Post

 
  • pianoman629
    I noticed that you are still promoting profitclicking... I requested a withdrawal in November of 2012, and they have not paid me one dime. They owe me a LOT of money, and as far as I am concerned, they are liars and thieves. I am plastering that all over the internet, because they are nothing but a SCAM.
