Cyber Criminals Use Malaysia Airlines Flight MH17 Plane Crash News to Bait Users

Status
Not open for further replies.

Petrovic

Level 64
Thread author
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,354
Any occasion that captures public attention – regardless of how sensitive – comes out to be an opportunity for spammers and hackers to snatch users’ personal information and spread malware, and the tragedy of the crashed Malaysia Airlines flight MH17 is no exception.
According to the U.S. intelligence officials, Malaysia Airline Flight MH17, a Boeing 777 aircraft carrying 283 passengers and 15 crew members, was struck by a ground-to-air missile. So far, it’s unclear, whether the missile was launched by the Russian military or pro-Russian separatist rebels. Ukraine and the insurgents blamed each other.
Spammers and cybercriminals are quick to take advantage of the tragedy and started spreading malware through the social media websites, abusing the mystery behind the crash of Malaysia Airline Flight MH17.

Researchers at the anti-virus firm Trend Micro came across some suspicious tweets written in Indonesian language. The cybercriminals are using the trending #MH17 to lure innocent users who are actually looking for news related to Malaysian Airplane Flight MH17 crash down.
The suspicious tweets started spreading just after Malaysian Airline tweeted on July 17: “Malaysia Airlines has lost contact of MH17 from Amsterdam. The last known position was over Ukrainian airspace.
Hundreds of users have already retweeted those malicious tweets that indirectly encourage their individual followers to visit the malicious links.


The website belongs to a shared hosting located in U.S which also host number of legitimate domains and researchers concluded that the purpose behind the spam campaign could be to gain attention of the visitors in order to make money from the advertisement.
Moreover, the shared hosting also provide hostage to a number of malicious domains as well, that are connected to a ZeuS variant and SALITY malware. ZeuS are very well known to steal financial information of the users, while SALITY is a “malware family of file infectors that infect .SCR and .EXE files,” researchers said in a blog post.
“Once systems are infected with this file infector, it can open their systems to other malware infections thus compromising their security.”

Full Article
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top