Spanish train disaster exploited by sick malware authors


Train derailmentI warned in my last article about the CNN Breaking News malware attacks, that are exploiting news stories about the royal baby and other topics, but the latest incarnation of this internet attack really sends a chill down the spine.

Spam messages have been sent out about the horrific inter-city train derailment, near Santiago de Compostela in in the North West of Spain, claiming to be a breaking news report from CNN.

Here’s what the messages can look like, with content clearly lifted from a real CNN online report:

Spanish train disaster - malicious email

The text of the message reads as follows:

77 dead after train derails, splits apart in Spain
By Al Goodman, Elwyn Lopez, Catherine E. Shoichet, CNN July 25, 2013 -- Updated 0939 GMT (1739 HKT)
iReporter: 'It was a horrific scene'

NEW: Train driver told police he entered the bend too fast, public broadcaster reports
NEW: Regional governor declares 7 days of mourning for the victims, broadcaster says
Witness: "The train was broken in half. ... It was quite shocking"
77 people are dead, more bodies may be found, regional judicial official says

Madrid (CNN) -- An express train derailed as it hurtled around a curve in northwestern Spain on Wednesday, killing at least 77 people and injuring more than 100, officials said.� Full Story >>>>

If you click on the links, you run the risk of your computer becoming infected by a malicious Trojan horse which could steal your passwords.

I realise that in all likelihood this current spate of attacks are just automatically scooping up hot stories from CNN’s website, and using them in their attacks - but still… whoever is behind this campaign clearly has no feelings towards the relatives and loved ones of the scores of people who were either killed or seriously injured in the accident.

If you build a system which hoovers up breaking news stories, and uses them as a means to infect the innocent there’s no two ways about it - you are sick in the head.

More details can be found on Dynamoo’s blog.

Tags: , , , , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , , , , ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.