Software // Enterprise Applications
News
7/19/2007
11:18 AM
Connect Directly
RSS
E-Mail
50%
50%

Spammers Exploit Brazilian Plane Crash

Spammers are luring unsuspecting users to a malicious Web site by sending out e-mails promising information about the crash and the victims onboard.

Spammers were quick to take advantage of the tragic plane crash in Brazil this week.

Researchers at Websense Security Labs reported that a new spam campaign is using this week's crash to lure unsuspecting users to a malicious Web site. The e-mails link to a Web site that purports to contain information on the people onboard the plane, but actually simply infects the users' computers with malware.

On Tuesday night, an Airbus 320 with about 176 people onboard skidded off a runway during landing at an airport in Sao Paulo. The jetliner, which was owned by TAM Airlines, hit an office building and gas station, creating a fire that took hours to extinguish.

According to Websense, the message on the malicious Web page reads, "TAM reports that flight JJ3054 has taken off from Porto Alegre with 170 people onboard, between passengers and employees plus six more crew members (commanders and flight attendants). As soon as their names are confirmed, we'll notify the families before any further information becomes public, as determined by existing law TAM has made public all information available so far. Any relevant information will be provided immediately from TAM."

Websense reported in an advisory that users are prompted to run some code. However, when the code is launched, a Trojan Downloader is installed on the users' computers. The malware then connects to another site to download and install an information-stealing Trojan Horse.

The Web site, which has been compromised, is hosted in Korea. Websense researchers say this isn't the first time the site has been taken over to host malicious code.

Spammers generally are quick to take advantage of headline-grabbing tragedies.

In April, spam that promised images of the shootings at Virginia Tech began hitting inboxes worldwide. The spam carried a photograph of gunman Cho Seung-hui, who killed more than 30 students and teachers at the Virginia school before killing himself. The e-mails claimed to link to a Brazilian Web site carrying movie footage of the campus shootings, according to researchers at Sophos. Instead, curious uses who connected to the site were infected with spyware that acted like a banking Trojan.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.