Skip to main content

Security Alert - Royal Malware Security | Optiv

July 24, 2013

If you are following the news, you know that a new heir to the throne of England was born this week. As with any major news story being continuously discussed throughout the media, cyber criminals are going to take advantage of the world’s interest in the event. Just as the recent tragedy of the Boston Marathon bombing spawned malware, so is the birth of Prince William and the Duchess of Cambridge’s new son.

Research by ThreatTrack Security’s Chris Boyd shows “Royal Baby” malware is now being spread through spam messages. The specific malware being used is the nefarious Blackhole Exploit Kit that can drop Zbot or other types of malicious software or potentially unwanted programs on the victim system.

As with all emails received from unknown senders, be sure that you are suspicious of the message and its contents and do not open any messages or attachments from untrusted senders.

If you are able to implement blocks of URLs and domains, here is a list of currently known malicious URLs:

  • dynamicservicesllc(dot)com/forgives/index(dot)html#sthash(dot)p9UjAX96(dot)dpuf
  • gbihongkong(dot)org/erratic/index(dot)html#sthash(dot)p9UjAX96(dot)dpuf
  • fragrancessurplus(dot)com/topic/accidentally-results
  • stay(dot)php#sthash(dot)p9UjAX96(dot)dpuf
  • fragrancessurplus(dot)com/adobe/update_flash_player(dot)exe#sthash(dot)p9UjAX96(dot)dpuf

As always, ensure that your user community is up to date with best practices in the use of email systems.

For the original article from ThreatTrack Security and other indicators and analysis of this new malware campaign, click here.

More information from Sophos regarding the Blackhole Exploit Kit can be found here, and additional information from Symantec regarding the Zeus family of Trojans here.

Related Blogs

May 10, 2018

Observations on Smoke Tests – Part 3

While attending one of our technology partner’s security training courses, the instructor presented on their product’s various features and capabiliti...

See Details

May 03, 2018

Getting Started with Postman for API Security Testing: Part 1

Postman is a useful tool used by many developers to document, test and interact with Application Programming Interfaces (APIs). With the ubiquity of A...

See Details

September 08, 2010

Malware Mitigation Trends: Utilizing the Latest Weapons Against the Modern Malware Threat

In the malware mitigation market, there are divisions among the vendors. The perspective of the vendor, detection philosophy and technology approaches...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.

Privacy Policy


July 21, 2015

Network Security Solutions

Learn how we help protect your environment while maintaining connectivity.

See Details

May 09, 2018

Application Security

Learn how Optiv can help protect your most critical enterprise applications from both internal and external threats.

See Details

October 06, 2017

Managed Security Services - Service Guide

Learn about our flexible and scalable services to improve your security capabilities.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.


Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.