Security Alert: Boston Malware

By gTIC

Boston Marathon Malware Alert:

As reported by many in the security industry and by US-CERT (http://www.us-cert.gov/ncas/current-activity/2013/04/17/Scams-Exploiting...), a number of unscrupulous actors are using the unfortunate incident to spread malware.

Exploiting many individuals' desire to see video of the event has led to numerous infections via an iframe within the web site that provides access to YouTube video of the event. Many organizations, including Trend Micro, Sophos, and Kaspersky Lab, have also released warnings regarding the spread of this attack.

As researchers examine the attack further, more information may become available to support faster identification of the attack and of compromised devices. Gary Warner has published significant information from his research on his blog (http://garwarner.blogspot.com/2013/04/boston-marathon-explosion-spam-lea...). Organizations' security operations groups should use this information to protect their environments.

This type of attack is not expected to be limited to email dissemination, so social media can also be expected to be impacted. Employees should be made aware of the potential for malicious abuse after any significant event and should exercise caution when searching for event information or clicking on links within emails or on any social media site.