Ransomware Lurking In New Boston Marathon Themed Spam Campaign
Written by Sue Walsh on April 24, 2013
A huge new spam campaign is pounding the net with ransomware-laden messages. The messages claim to offer breaking news and exclusive videos about the Boston Marathon bombings and subsequent manhunt that gripped the city with fear.
Instead, the links lead the user to a compromised site that infects the computer with ransomware. This type of malware takes over a computer and locks down all its data and internet access. To regain access, the user is told to pay a fee, which can be in the hundreds of dollars. If they refuse to pay, they could potentially lose all their files.
A second version of this campaign uses a Java exploit to infect computers with malware that intercepts all network traffic, keystrokes and login credentials. It also uses the computer to pump out massive amounts of spam. The malware is programmed to check what version of Java is running and customize the attack based on that information. The user is directed to a page displaying 5 different YouTube videos, but the page also has an embedded Java applet that does the dirty work.
This massive campaign is just one of many. Expect to see more exploiting both the Boston Marathon bombings and the massive manhunt that gripped the city in the days that followed. Spammers love to take advantage of hot news stories, tragedies, natural disasters and other attention-getting topics. With Mother’s and Father’s Day coming, expect to find spam with those themes as well, along with summer vacation, graduation and World Cup themed spam.