Apr 17 2013 3:04PM GMT
Posted by: Ken Harthun
Cyber-criminal, Cybercrime, Security, spam
Despicable, but it’s always inevitable in the
wake of any human tragedy. Cyberslugs (I won’t elevate them to
cybercriminal status, though they are certainly criminals) are using the
Boston Marathon bombing to spread malware. Spam emails claim to contain
a link to video of the bombing. The links vary but take you to a
website that attempts to infect your computer with a Trojan horse. The
videos are, in fact, real YouTube videos that disguise the malicious
activity.
Despicable cyber-slugs exploiting Boston Marathon bombing with Trojan attack
Subject lines of the emails vary, but include:
- 2 Explosions at Boston Marathon
- Aftermath to explosion at Boston Marathon
- Boston Explosion Caught on Video
- Video of Explosion at the Boston Marathon 2013
If installed, the malware makes changes to the Registry and installs the following files, allowing hackers to gain remote access to infected computers:
- \drivers\npf.sys
- \Packet.dll
- \wpcap.dll
The file NPF.sys is registered as a new service named “NPF”, with a display name of “WinPcap Packet Driver (NPF)”.
Never accept “news” from anything other than legitimate news sources, especially not from unsolicited emails.