Skip to main content

Boston Marathon/West, Texas Spam Campaigns

There is a new spam campaign in circulation using the Boston Marathon bombings that occurred on April 15, 2013 as a lure. Users are sent an e-mail encouraging them to a watch a video of the explosion. When the user clicks on the enclosed link to watch the video malware is installed on the user’s computer.

 

The following URL patterns have been found in these e-mails:
http://[IP-address]/boston.html 

http://[IP-address]/news.html

 

When the user clicks on one of the links the Kehlios worm is installed on the user’s system which has the capacity to send spam; carry out Distributed Denial of Service Attacks; and steal online currency such as bitcoins. Most major anti-virus vendors have signatures for detecting this malware so users should keep their antivirus programs up-to-date.

 

In addition to the Boston Marathon spam campaign, a West, Texas plant explosion spam campaign has also sprung up. This spam campaign uses similar exploitation techniques as the Boston Marathon spam campaign previously described.  Subject lines of spam e-mails have been modified to contain content relative to the West, Texas plant explosions.  The following URL pattern is included within spam emails to lure users to malicious sites. 

 

http://[IP-address]/texas.html 

http://[IP-address]/news.html

 

Subject lines used in the spam emails:

·         2 Explosions at Boston Marathon;

·         Aftermath to explosion at Boston Marathon;

·         Boston Explosion Caught on Video;

·         "BREAKING - Boston Marathon Explosion";

·         "Video of Explosion at the Boston Marathon 2013";

·         "Runner captures. Marathon Explosion";

·         2 Explosions at Boston Marathon;

·         Aftermath to explosion at Boston Marathon;

·         Arbitron. Dial Global. Boston Bombings;

·         Boston Explosion Caught on Video;

·         BREAKING - Boston Marathon Explosion;

·         Explosion at Boston Marathon;

·         Explosion at the Boston Marathon;

·         Explosions at Boston Marathon;

·         Explosions at the Boston Marathon;

·         Opinion: Boston Marathon Explosions made by radical Gays? Really? - CNN.com;

·         Opinion: Boston Marathon Explosions - Romney Benefits? - CNN.com;

·         Opinion: Boston Marathon Worse Sensation - Osama bin Laden still alive!? - CNN.com;

·         Opinion: FBI knew about bombs 3 days before Boston Marathon - Why and Who Benefits? - CNN.com;

·         Opinion: Osama Bin Laden video about Boston Marathon Explosions - bad news for all the world. - CNN.com.

Comments

Post a Comment

Popular posts from this blog

Police Report: August 19-25

August 25 th : 3300 block of Chauncey Place : Vehicle impound – 12:45pm. Officers patrolling with a mobile license plate reader received a notification that the tags on a Mazda were suspended. However, the tags were displayed on a 2003 Dodge Durango. The Dodge was unregistered so it was impounded and the tags were seized for return to MVA. 4000 block of 34 th Street : Trespassing – 2:05pm. Officers responded for the report of a disorderly subject at ZZ Pizza. When the officers arrived they detained the highly intoxicated subject and learned that he had entered the restaurant and demanded food. They also learned that the owners had previously banned him from the restaurant. He was arrested, charged with trespassing and delivered to the custody of DOC in Upper Marlboro. 3200 block of Queenstown Drive : Traffic/vehicle impound – 9:50pm. Officers stopped a 1999 Honda Accord for a traffic violation. Further investigation revealed that the driver did not have a driver...
2 comments
Read more

Police Report: May 8-11

Friday May 8th : 3400 block of 11 Newton Street : At about 2 pm officers responded for the report of a woman who had been assaulted by her boyfriend. The boyfriend allegedly punched the woman in the mouth and choked her. She told the officers that she did not want any police assistance and refused to tell the officers what had occurred. She was referred to the District Court Commissioner if she decided to press charges at a later time. Saturday May 9th : Nothing significant to report. Sunday May 10th : 4500 block of Eastern Avenue (BP station) : At about 11 am officers responded for the report of a stolen auto. The officers met with the victim/owner who told them that he left the keys to his 2002 Lincoln on the front seat when he went inside to pay for gas. When he came out of the store he saw his Lincoln being driven up Eastern Avenue towards Rhode Island Avenue by a black male (no further description). A check of the area for the stolen car proved negative and a lookout for it was gi...
5 comments
Read more

Police Report: October 8-10

October 8th : 4600 block of 29th Street : At about 3 pm officers took a report of a citizen armed robbery . The victim told the officers that he was approached by two men wearing ski masks. One of the men pointed a handgun at him and robbed him of his cell phone and cash. The two suspects got into a black SUV and fled the area. The victim was not able to provide a description of the suspects or a more detailed description of the SUV. PGPD detectives responded to the scene and assisted with the investigation. 2900 block of Arundel Road : At about 9:45 pm officers investigated a residential burglary . The victim/resident told the officers that she left her apartment at about 4 pm. At about 9:45 pm a downstairs neighbor discovered that the victim’s door had been pried open and called police. The victim reported numerous pieces of jewelry, two computers, two iPhones, and a home theater system missing from the apartment. No further evidence or witnesses were located. October 9th : 4...
Post a Comment
Read more