Spammers Exploit Brazilian Plane Crash - InformationWeek
IoT
IoT
Software // Enterprise Applications
News
7/19/2007
11:18 AM
50%
50%

Spammers Exploit Brazilian Plane Crash

Spammers are luring unsuspecting users to a malicious Web site by sending out e-mails promising information about the crash and the victims onboard.

Spammers were quick to take advantage of the tragic plane crash in Brazil this week.

Researchers at Websense Security Labs reported that a new spam campaign is using this week's crash to lure unsuspecting users to a malicious Web site. The e-mails link to a Web site that purports to contain information on the people onboard the plane, but actually simply infects the users' computers with malware.

On Tuesday night, an Airbus 320 with about 176 people onboard skidded off a runway during landing at an airport in Sao Paulo. The jetliner, which was owned by TAM Airlines, hit an office building and gas station, creating a fire that took hours to extinguish.

According to Websense, the message on the malicious Web page reads, "TAM reports that flight JJ3054 has taken off from Porto Alegre with 170 people onboard, between passengers and employees plus six more crew members (commanders and flight attendants). As soon as their names are confirmed, we'll notify the families before any further information becomes public, as determined by existing law TAM has made public all information available so far. Any relevant information will be provided immediately from TAM."

Websense reported in an advisory that users are prompted to run some code. However, when the code is launched, a Trojan Downloader is installed on the users' computers. The malware then connects to another site to download and install an information-stealing Trojan Horse.

The Web site, which has been compromised, is hosted in Korea. Websense researchers say this isn't the first time the site has been taken over to host malicious code.

Spammers generally are quick to take advantage of headline-grabbing tragedies.

In April, spam that promised images of the shootings at Virginia Tech began hitting inboxes worldwide. The spam carried a photograph of gunman Cho Seung-hui, who killed more than 30 students and teachers at the Virginia school before killing himself. The e-mails claimed to link to a Brazilian Web site carrying movie footage of the campus shootings, according to researchers at Sophos. Instead, curious uses who connected to the site were infected with spyware that acted like a banking Trojan.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll