Skip to main content

Boston Marathon/West, Texas Spam Campaigns

There is a new spam campaign in circulation using the Boston Marathon bombings that occurred on April 15, 2013 as a lure. Users are sent an e-mail encouraging them to a watch a video of the explosion. When the user clicks on the enclosed link to watch the video malware is installed on the user’s computer.

 

The following URL patterns have been found in these e-mails:
http://[IP-address]/boston.html 

http://[IP-address]/news.html

 

When the user clicks on one of the links the Kehlios worm is installed on the user’s system which has the capacity to send spam; carry out Distributed Denial of Service Attacks; and steal online currency such as bitcoins. Most major anti-virus vendors have signatures for detecting this malware so users should keep their antivirus programs up-to-date.

 

In addition to the Boston Marathon spam campaign, a West, Texas plant explosion spam campaign has also sprung up. This spam campaign uses similar exploitation techniques as the Boston Marathon spam campaign previously described.  Subject lines of spam e-mails have been modified to contain content relative to the West, Texas plant explosions.  The following URL pattern is included within spam emails to lure users to malicious sites. 

 

http://[IP-address]/texas.html 

http://[IP-address]/news.html

 

Subject lines used in the spam emails:

·         2 Explosions at Boston Marathon;

·         Aftermath to explosion at Boston Marathon;

·         Boston Explosion Caught on Video;

·         "BREAKING - Boston Marathon Explosion";

·         "Video of Explosion at the Boston Marathon 2013";

·         "Runner captures. Marathon Explosion";

·         2 Explosions at Boston Marathon;

·         Aftermath to explosion at Boston Marathon;

·         Arbitron. Dial Global. Boston Bombings;

·         Boston Explosion Caught on Video;

·         BREAKING - Boston Marathon Explosion;

·         Explosion at Boston Marathon;

·         Explosion at the Boston Marathon;

·         Explosions at Boston Marathon;

·         Explosions at the Boston Marathon;

·         Opinion: Boston Marathon Explosions made by radical Gays? Really? - CNN.com;

·         Opinion: Boston Marathon Explosions - Romney Benefits? - CNN.com;

·         Opinion: Boston Marathon Worse Sensation - Osama bin Laden still alive!? - CNN.com;

·         Opinion: FBI knew about bombs 3 days before Boston Marathon - Why and Who Benefits? - CNN.com;

·         Opinion: Osama Bin Laden video about Boston Marathon Explosions - bad news for all the world. - CNN.com.

Comments

Post a Comment

Popular posts from this blog

Police Report: May 8-11

Friday May 8th : 3400 block of 11 Newton Street : At about 2 pm officers responded for the report of a woman who had been assaulted by her boyfriend. The boyfriend allegedly punched the woman in the mouth and choked her. She told the officers that she did not want any police assistance and refused to tell the officers what had occurred. She was referred to the District Court Commissioner if she decided to press charges at a later time. Saturday May 9th : Nothing significant to report. Sunday May 10th : 4500 block of Eastern Avenue (BP station) : At about 11 am officers responded for the report of a stolen auto. The officers met with the victim/owner who told them that he left the keys to his 2002 Lincoln on the front seat when he went inside to pay for gas. When he came out of the store he saw his Lincoln being driven up Eastern Avenue towards Rhode Island Avenue by a black male (no further description). A check of the area for the stolen car proved negative and a lookout for it was gi
5 comments
Read more

Police Report: June 9-10

June 9th : 2500 block of Allison Street : At about 1 pm officers took a report of a citizen robbery . The victim told the officers and PGPD robbery detectives that she arrived to meet a client when she was approached by two black males. One of the men approached her from the front; the second came up behind her and placed her in a head lock. The second man demanded the keys to her gold 2005 Honda Accord (MD tags 9FA Y36). The victim complied and the two got into her car and fled the scene. The victim described her assailants as black males about 19-20 years of age. The first man was about 5’8” tall with shoulder length dreadlocks and was wearing a white t-shirt, long jean shorts, white socks and tennis shoes. The second man was about 5’10” tall, also had shoulder length dreadlocks and was wearing a white navy hat. The officers also discovered a white 2004 Chevrolet Express van that is believed to have been driven to the scene by the two suspects. A check of the vehicle’s registration
Post a Comment
Read more